Remote Code Execution Vulnerability in Atlassian Crowd LDAP Connector
CVE-2016-6496

9.8CRITICAL

Key Information:

Vendor

Atlassian
Status
Crowd
Vendor
CVE Published:
9 December 2016

What is CVE-2016-6496?

The LDAP directory connector in Atlassian Crowd prior to the specified versions is susceptible to an exploitation method that allows remote attackers to execute arbitrary code. This is achieved via a malicious LDAP attribute that contains a crafted serialized Java object, effectively compromising the integrity of the application through a process known as LDAP entry poisoning. Such a vulnerability underscores the importance of secure parsing and validation of user input to prevent unauthorized code execution.

References

https://jira.atlassian.com/browse/CWD-4790
x_refsource_CONFIRM
http://www.securityfocus.com/archive/1/539655/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://www.blackhat.com/docs/us-16/materials/us-16-Munoz...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2016-6496 : Remote Code Execution Vulnerability in Atlassian Crowd LDAP Connector