Deserialization Vulnerability in Apache ActiveMQ Artemis Products
CVE-2016-4978

7.2HIGH

Key Information:

Vendor
Apache
Status
ActiveMQ Artemis
Vendor
CVE Published:
27 September 2016

Summary

The getObject method of the javax.jms.ObjectMessage class in the JMS Core client, Artemis broker, and Artemis REST component in Apache ActiveMQ Artemis allows remote authenticated users, who have permission to send messages to the broker, to potentially deserialize arbitrary objects. This can lead to the execution of arbitrary code by taking advantage of gadget classes present on the Artemis classpath, posing significant security risks to environments utilizing the affected versions.

References

https://www.blackhat.com/docs/us-16/materials/us-16-Kaise...
x_refsource_MISC
http://www.securityfocus.com/bid/93142
vdb-entryx_refsource_BID
https://access.redhat.com/errata/RHSA-2018:1448
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.