CVE-2018-5968

CVE-2018-5968

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

Published Feb 14, 2018

javaExploit/jackson-rce-via-two-new-gadgets Issue #1899 blog.sonatype.com blog.sonatype.com

CVSS ScoreHigh

8.1

Vulnerabilities

CVE-2018-5968

Published Feb 14, 2018

javaExploit/jackson-rce-via-two-new-gadgets Issue #1899 blog.sonatype.com blog.sonatype.com

CVSS ScoreHigh

8.1

CVE-2018-5968 Security Details

CVE ID: CVE-2018-5968
CWE: CWE-184
CWE-502
CVE Description: FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.
Published: Feb 14, 2018
CVSS Score & Severity: 8.1High
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 1.965%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.createBeanDeserializer(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;Lcom/fasterxml/jackson/databind/BeanDescription;)Lcom/fasterxml/jackson/databind/JsonDeserializer;
JVM
com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.createBeanDeserializer(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;Lcom/fasterxml/jackson/databind/BeanDescription;)Lcom/fasterxml/jackson/databind/JsonDeserializer;
JVMVulnerable params: 0
com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.validateSubType(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;)V
JVM
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · javaExploit/jackson-rce-via-two-new-gadgetsATTACK
GitHub · Issue #1899PROJECT
blog.sonatype.comTHIRD_PARTY
blog.sonatype.comTHIRD_PARTY

CVE-2018-5968 Security Details

CVE ID: CVE-2018-5968
CWE: CWE-184
CWE-502
CVE Description: FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.
Published: Feb 14, 2018
CVSS Score & Severity: 8.1High
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score: 1.965%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Vulnerable Methods: com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.createBeanDeserializer(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;Lcom/fasterxml/jackson/databind/BeanDescription;)Lcom/fasterxml/jackson/databind/JsonDeserializer;
JVM
com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.createBeanDeserializer(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;Lcom/fasterxml/jackson/databind/BeanDescription;)Lcom/fasterxml/jackson/databind/JsonDeserializer;
JVMVulnerable params: 0
com/fasterxml/jackson/databind/jsontype/impl/SubTypeValidator.validateSubType(Lcom/fasterxml/jackson/databind/DeserializationContext;Lcom/fasterxml/jackson/databind/JavaType;)V
JVM
Affected Ecosystems: affected
Source: National Vulnerability Database
References: GitHub · javaExploit/jackson-rce-via-two-new-gadgetsATTACK
GitHub · Issue #1899PROJECT
blog.sonatype.comTHIRD_PARTY
blog.sonatype.comTHIRD_PARTY

Find vulnerabilities. Fix fast with AI.

CVE-2018-5968

CVE-2018-5968 Security Details

CVE-2018-5968 Security Details