Remote Code Execution (RCE)

2019-01-1509:25:47

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.708 High

EPSS

Percentile

98.1%

JSON

richfaces is vulnerable to remote code execution (RCE) attacks. The vulnerability exists as the RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

CPENameOperatorVersion
richfaceseq3.3.1__6.SP3_patch_01.ep5.el5
richfaceseq3.3.1__4.SP3_patch_02.ep5.el6_10
richfaceseq3.3.1__1.SP3.ep5.el5
richfaceseq3.3.1__3.SP3_patch_01.ep5.el6
richfaceseq3.3.1__1.SP3.1.ep5.el6
richfaceseq3.3.1__7.SP3_patch_02.ep5.el5
richfaceseq3.3.0__1.24.ep5.el5

Name	Operator	Version
richfaces	eq	3.3.1__6.SP3_patch_01.ep5.el5
richfaces	eq	3.3.1__4.SP3_patch_02.ep5.el6_10
richfaces	eq	3.3.1__1.SP3.ep5.el5
richfaces	eq	3.3.1__3.SP3_patch_01.ep5.el6
richfaces	eq	3.3.1__1.SP3.1.ep5.el6
richfaces	eq	3.3.1__7.SP3_patch_02.ep5.el5
richfaces	eq	3.3.0__1.24.ep5.el5