CVE-2018-14718

HIGH

Description

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

References

http://www.securityfocus.com/bid/106601

https://access.redhat.com/errata/RHBA-2019:0959

https://access.redhat.com/errata/RHSA-2019:0782

https://access.redhat.com/errata/RHSA-2019:0877

https://access.redhat.com/errata/RHSA-2019:1782

https://access.redhat.com/errata/RHSA-2019:1797

https://access.redhat.com/errata/RHSA-2019:1822

https://access.redhat.com/errata/RHSA-2019:1823

https://access.redhat.com/errata/RHSA-2019:2804

https://access.redhat.com/errata/RHSA-2019:2858

https://access.redhat.com/errata/RHSA-2019:3002

https://access.redhat.com/errata/RHSA-2019:3140

https://access.redhat.com/errata/RHSA-2019:3149

https://access.redhat.com/errata/RHSA-2019:3892

https://access.redhat.com/errata/RHSA-2019:4037

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

https://github.com/FasterXML/jackson-databind/issues/2097

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

https://seclists.org/bugtraq/2019/May/68

https://security.netapp.com/advisory/ntap-20190530-0003/

https://www.debian.org/security/2019/dsa-4452

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Details

Source: MITRE

Published: 2019-01-02

Updated: 2020-10-20

Type: CWE-502

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from 17.1 to 17.12 (inclusive)

cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
141314FreeBSD : payara -- multiple vulnerabilities (71c71ce0-0805-11eb-a3a4-0019dbb15b3f)NessusFreeBSD Local Security Checks
high
125416Debian DSA-4452-1 : jackson-databind - security updateNessusDebian Local Security Checks
high
122603Debian DLA-1703-1 : jackson-databind security updateNessusDebian Local Security Checks
high
122290Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)NessusFedora Local Security Checks
high
121347Oracle WebCenter Portal Multiple Vulnerabilities (Jan 2019 CPU)NessusMisc.
high
121257Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2019 CPU)NessusMisc.
high
121251Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)NessusCGI abuses
high