CVE-2018-14721

HIGH

Description

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.

References

https://access.redhat.com/errata/RHBA-2019:0959

https://access.redhat.com/errata/RHSA-2019:0782

https://access.redhat.com/errata/RHSA-2019:1106

https://access.redhat.com/errata/RHSA-2019:1107

https://access.redhat.com/errata/RHSA-2019:1108

https://access.redhat.com/errata/RHSA-2019:1140

https://access.redhat.com/errata/RHSA-2019:1822

https://access.redhat.com/errata/RHSA-2019:1823

https://access.redhat.com/errata/RHSA-2019:2858

https://access.redhat.com/errata/RHSA-2019:3149

https://access.redhat.com/errata/RHSA-2019:3892

https://access.redhat.com/errata/RHSA-2019:4037

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7

https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44

https://github.com/FasterXML/jackson-databind/issues/2097

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.pulsar.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.geode.apache.org%3E

https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html

https://seclists.org/bugtraq/2019/May/68

https://security.netapp.com/advisory/ntap-20190530-0003/

https://www.debian.org/security/2019/dsa-4452

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Details

Source: MITRE

Published: 2019-01-02

Updated: 2020-08-31

Type: CWE-918

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 10

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3:*:*:*:*:*:*

cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from 17.1 to 17.12 (inclusive)

cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_merchandising_system:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
141314FreeBSD : payara -- multiple vulnerabilities (71c71ce0-0805-11eb-a3a4-0019dbb15b3f)NessusFreeBSD Local Security Checks
high
135204Oracle NoSQL Database Enterprise Server-Side Request Forgery (October 2019 CPU)NessusDatabases
high
130058Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)NessusDatabases
high
125416Debian DSA-4452-1 : jackson-databind - security updateNessusDebian Local Security Checks
high
124841RHEL 7 : JBoss EAP (RHSA-2019:1108)NessusRed Hat Local Security Checks
high
124840RHEL 6 : JBoss EAP (RHSA-2019:1107)NessusRed Hat Local Security Checks
high
122603Debian DLA-1703-1 : jackson-databind security updateNessusDebian Local Security Checks
high
122290Fedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)NessusFedora Local Security Checks
high
121251Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)NessusCGI abuses
high