CVE-2018-14718

HIGH

Description

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

References

http://www.securityfocus.com/bid/106601

https://access.redhat.com/errata/RHBA-2019:0959

https://access.redhat.com/errata/RHSA-2019:0782

https://access.redhat.com/errata/RHSA-2019:0877

https://access.redhat.com/errata/RHSA-2019:1782

https://access.redhat.com/errata/RHSA-2019:1797

https://access.redhat.com/errata/RHSA-2019:1822

https://access.redhat.com/errata/RHSA-2019:1823

https://access.redhat.com/errata/RHSA-2019:2804

https://access.redhat.com/errata/RHSA-2019:2858

https://access.redhat.com/errata/RHSA-2019:3002

https://access.redhat.com/errata/RHSA-2019:3140

https://access.redhat.com/errata/RHSA-2019:3149

https://access.redhat.com/errata/RHSA-2019:3892

https://access.redhat.com/errata/RHSA-2019:4037

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

https://github.com/FasterXML/jackson-databind/issues/2097

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.lucene.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

https://seclists.org/bugtraq/2019/May/68

https://security.netapp.com/advisory/ntap-20190530-0003/

https://www.debian.org/security/2019/dsa-4452

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Details

Source: MITRE

Published: 2019-01-02

Updated: 2020-10-20

Type: CWE-502

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from 17.1 to 17.12 (inclusive)

cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

ID	Name	Product	Family	Severity
141314	FreeBSD : payara -- multiple vulnerabilities (71c71ce0-0805-11eb-a3a4-0019dbb15b3f)	Nessus	FreeBSD Local Security Checks	high
125416	Debian DSA-4452-1 : jackson-databind - security update	Nessus	Debian Local Security Checks	high
122603	Debian DLA-1703-1 : jackson-databind security update	Nessus	Debian Local Security Checks	high
122290	Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)	Nessus	Fedora Local Security Checks	high
121347	Oracle WebCenter Portal Multiple Vulnerabilities (Jan 2019 CPU)	Nessus	Misc.	high
121257	Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2019 CPU)	Nessus	Misc.	high
121251	Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)	Nessus	CGI abuses	high