Vulnerabilities > CVE-2017-3199 - Deserialization of Untrusted Data vulnerability in Graniteds 3.1.1
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deserializers derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | Details reference: https://codewhitesec.blogspot.kr/2017/04/amf.html Some Java implementations of AMF3 deserializers derive class instances from java. io. Externalizable rather than the AMF3 specification's recommendation of a flash. utils. IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized. The reporter has identified the following products and versions as being affected, and CVE IDS have been assigned as follows: \- Atlassian JIRA, versions from 4.2.4 prior to version 6.3.0 - CVE-2017-5983 for \- Flamingo amf-serializer by Exadel, version 2.2.0 - CVE-2017-3201 \- GraniteDS, version 3.1.1. GA - CVE-2017-3199 \- Pivotal/Spring spring-flex - CVE-2017-3203 \- WebORB for Java by Midnight Coders, version 5.1.1.0 - CVE-2017-3207 Products using these libraries may also be impacted. |
| id | SSV:92913 |
| last seen | 2017-11-19 |
| modified | 2017-04-06 |
| published | 2017-04-06 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-92913 |
| title | AMF3 Java implementations deserialization Vulnerability |