Vulnerabilities > CVE-2017-3203 - Deserialization of Untrusted Data vulnerability in Pivotal Spring-Flex

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.

Vulnerable Configurations

Part Description Count
Application
Pivotal
1

Common Weakness Enumeration (CWE)

Seebug

bulletinFamilyexploit
descriptionDetails reference: https://codewhitesec.blogspot.kr/2017/04/amf.html Some Java implementations of AMF3 deserializers derive class instances from java. io. Externalizable rather than the AMF3 specification's recommendation of a flash. utils. IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized. The reporter has identified the following products and versions as being affected, and CVE IDS have been assigned as follows: \- Atlassian JIRA, versions from 4.2.4 prior to version 6.3.0 - CVE-2017-5983 for \- Flamingo amf-serializer by Exadel, version 2.2.0 - CVE-2017-3201 \- GraniteDS, version 3.1.1. GA - CVE-2017-3199 \- Pivotal/Spring spring-flex - CVE-2017-3203 \- WebORB for Java by Midnight Coders, version 5.1.1.0 - CVE-2017-3207 Products using these libraries may also be impacted.
idSSV:92913
last seen2017-11-19
modified2017-04-06
published2017-04-06
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-92913
titleAMF3 Java implementations deserialization Vulnerability