Description
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.
A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.
Statement
- Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.
- Red Hat OpenStack's OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.
Mitigation
This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application's classpath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.
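The two preconditions named above (Default Typing enabled, and an unrelated library such as jdom on the classpath that can be named in a type id) are both things an application owner can check and change. The following is an added example, not code from Red Hat, the Jackson project or this advisory. It shows the weak configuration the description refers to next to a hardened one that restricts polymorphic subtypes to an application allowlist, plus a runtime probe for the jdom/jdom2 precondition. It assumes jackson-databind 2.10 or later, which provides `activateDefaultTyping(...)` and `BasicPolymorphicTypeValidator` (the affected range on this page, 2.x through 2.9.9, predates that API); the package prefix `com.example.model.` and the class name `DefaultTypingHardening` are placeholders.

```java
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;

/**
 * Added example (not Red Hat's or the Jackson project's code).
 * Assumes jackson-databind 2.10+; "com.example.model." is a placeholder prefix.
 */
public final class DefaultTypingHardening {

    /** Weak: any class on the classpath may be named in a JSON type id. */
    @SuppressWarnings("deprecation")
    public static ObjectMapper weakMapper() {
        ObjectMapper mapper = new ObjectMapper();
        mapper.enableDefaultTyping(); // deprecated in 2.10 because it accepts arbitrary subtypes
        return mapper;
    }

    /** Hardened: only subtypes under an application-owned package prefix are accepted. */
    public static ObjectMapper hardenedMapper() {
        PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
                .allowIfSubType("com.example.model.") // placeholder: the app's own model package
                .build();
        ObjectMapper mapper = new ObjectMapper();
        // Same applicability as the old call (Object and non-final types), but gated by the validator.
        mapper.activateDefaultTyping(ptv, ObjectMapper.DefaultTyping.NON_FINAL);
        return mapper;
    }

    /** Strongest option: no default typing at all; type ids in input are simply ignored. */
    public static ObjectMapper strictMapper() {
        return new ObjectMapper();
    }

    /**
     * Returns true if jdom (org.jdom) or jdom2 (org.jdom2) is loadable from this
     * class loader, i.e. the classpath precondition from the advisory is present.
     * The classes are only located, not initialised.
     */
    public static boolean jdomOnClasspath() {
        String[] probes = {"org.jdom.Document", "org.jdom2.Document"};
        for (String name : probes) {
            try {
                Class.forName(name, false, DefaultTypingHardening.class.getClassLoader());
                return true;
            } catch (ClassNotFoundException notPresent) {
                // this variant is absent; try the next one
            }
        }
        return false;
    }

    /**
     * Feeds a constructed document that names a type outside the allowlist
     * (a harmless JDK class) and reports whether the mapper rejects it.
     */
    public static boolean rejectsUnlistedType(ObjectMapper mapper) {
        String constructedInput = "[\"java.util.HashMap\", {}]"; // default-typing array form: [type id, value]
        try {
            mapper.readValue(constructedInput, Object.class);
            return false; // type id was honoured
        } catch (JsonMappingException denied) {
            return true;  // validator refused the subtype
        } catch (java.io.IOException other) {
            return false;
        }
    }

    public static void main(String[] args) {
        System.out.println("jdom/jdom2 on classpath: " + jdomOnClasspath());
        System.out.println("weak mapper rejects unlisted type: " + rejectsUnlistedType(weakMapper()));
        System.out.println("hardened mapper rejects unlisted type: " + rejectsUnlistedType(hardenedMapper()));
    }
}
```

Run with jackson-databind 2.10+ on the classpath: the weak mapper honours the unlisted type id, the hardened one throws on it, and `jdomOnClasspath()` tells you whether the advisory's second precondition applies to the deployment at all. Prefer `strictMapper()` (no default typing) wherever the application does not actually need polymorphic deserialization of untrusted input; the allowlist form is for the cases where it does.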
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | jackson-databind | Will not fix | | |
| Red Hat JBoss A-MQ 6 | jackson-databind | Affected | | |
| Red Hat JBoss Fuse 6 | jackson-databind | Affected | | |
| Red Hat Mobile Application Platform 4 | jackson-databind | Not affected | | |
| Red Hat OpenShift Application Runtimes | jackson-databind | Not affected | | |
| Red Hat OpenShift Container Platform 3.10 | elasticsearch-cloud-kubernetes | Affected | | |
| Red Hat OpenShift Container Platform 3.10 | openshift-elasticsearch-plugin | Affected | | |
| Red Hat OpenShift Container Platform 3.6 | elasticsearch-cloud-kubernetes | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.6 | openshift-elasticsearch-plugin | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.7 | elasticsearch-cloud-kubernetes | Out of support scope | | |
Additional information
CVSS3: 7.5 High
Related vulnerabilities
- A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.
- Deserialization of untrusted data in FasterXML jackson-databind
- Vulnerability in the Jackson-databind library, related to missing protection of service data, allowing an attacker to read arbitrary files on the server