Lucene search
Veracode Vulnerability DatabaseVERACODE:12954HistoryJan 15, 2019 - 9:24 a.m.
Arbitrary Code Execution
2019-01-1509:24:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
EPSS
0.938
Percentile
99.2%
jbossas is vulnerable to arbitrary code execution attacks. The vulnerability exists as Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.
Related
checkpoint_advisories
checkpoint_advisories
redhat
redhat
zdt
zdt
JBOSSAS 5.x/6.x Deserializer Vulnerability
2017-11-27 00:00:00
cisa_kev
cisa_kev
Red Hat JBoss Application Server Remote Code Execution Vulnerability
2021-12-10 00:00:00
cvelist
cvelist
CVE-2017-12149
2017-10-04 20:00:00
cve
cve
CVE-2017-12149
2017-10-04 21:01:00
seebug
seebug
JBOSSAS 5.x/6.x εεΊεεε½δ»€ζ§θ‘ζΌζ΄οΌCVE-2017-12149οΌ
2017-11-22 00:00:00
attackerkb
attackerkb
CVE-2017-12149
2017-10-04 00:00:00
ubuntucve
ubuntucve
CVE-2017-12149
2017-10-04 00:00:00
nessus
nessus
prion
prion
Deserialization of untrusted data
2017-10-04 21:01:00
nvd
nvd
CVE-2017-12149
2017-10-04 21:01:00
redhatcve
redhatcve
CVE-2017-12149
2017-08-30 06:18:22
nuclei
nuclei
Jboss Application Server - Remote Code Execution
2021-05-11 11:07:05
thn
thn
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries
2021-10-04 12:48:00
threatpost
threatpost
New APT ChamelGang Targets Russian Energy, Aviation Orgs
2021-10-01 12:36:25
metasploit
metasploit
JBoss Vulnerability Scanner
2010-06-21 16:53:52
packetstorm
packetstorm
JBoss Scanner
2024-09-01 00:00:00
cisa
cisa
CISA Adds Thirteen Known Exploited Vulnerabilities to Catalog
2021-12-10 00:00:00
CISA Adds 13 Known Exploited Vulnerabilities to Catalog
2021-12-10 00:00:00
impervablog
impervablog
Deserialization Attacks Surge Motivated by Illegal Crypto-mining
2018-01-24 17:45:08
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
githubexploit
githubexploit
Exploit for CVE-2014-4210
2022-03-19 01:54:15
Exploit for CVE-2014-4210
2022-03-19 01:54:15