CVE

GHSA-j7mw-7crr-658v

Richfaces vulnerable to arbitrary code execution

CVE

GHSA-j7mw-7crr-658v

Richfaces vulnerable to arbitrary code execution

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

Package Versions Affected

No items found.

Automatically patch vulnerabilities without upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

CVSS Version

9.8

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H

9.8

3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Related Resources

No items found.

References

https://nvd.nist.gov/vuln/detail/CVE-2018-14667, https://github.com/richfaces/richfaces/commit/1372eb716c1a215a5af124198f21bde33fafad06, https://access.redhat.com/errata/RHSA-2018:3517, https://access.redhat.com/errata/RHSA-2018:3518, https://access.redhat.com/errata/RHSA-2018:3519, https://access.redhat.com/errata/RHSA-2018:3581, https://bugzilla.redhat.com/showbug.cgi?id=CVE-2018-14667, https://www.cisa.gov/known-exploited-vulnerabilities-catalog?fieldcve=CVE-2018-14667, http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html, http://seclists.org/fulldisclosure/2020/Mar/21

Severity

9.8

CVSS Score

Basic Information

Ecosystem

Base CVSS

9.8

EPSS Probability

0.89374%

EPSS Percentile

0.99523%

Introduced Version

0,4.0.0.Alpha2

Fix Available

3.3.4

Fix Critical Vulnerabilities Instantly

Secure your app without upgrading.

Fix Without Upgrading

Get a Demo

Let's Patch It!

GHSA-j7mw-7crr-658v