CVE-2016-7050 - SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC

CVE-2016-7050

Summary

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

References

Vulnerable Configurations

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 16-06-2017 - 12:03)
Impact:
Exploitability:

CWE

CWE-502

CAPEC

Object Injection
An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

bugzilla

id	1378613
title	CVE-2016-7050 RESTEasy:SerializableProvider enabled by default and deserializes untrusted data

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment resteasy-base is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604001
comment resteasy-base is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011002

AND

comment resteasy-base-atom-provider is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604003
comment resteasy-base-atom-provider is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011004

AND

comment resteasy-base-client is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604005
comment resteasy-base-client is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20162604006

AND

comment resteasy-base-jackson-provider is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604007
comment resteasy-base-jackson-provider is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011006

AND

comment resteasy-base-javadoc is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604009
comment resteasy-base-javadoc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011008

AND

comment resteasy-base-jaxb-provider is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604011
comment resteasy-base-jaxb-provider is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011010

AND

comment resteasy-base-jaxrs is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604013
comment resteasy-base-jaxrs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011012

AND

comment resteasy-base-jaxrs-all is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604015
comment resteasy-base-jaxrs-all is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011014

AND

comment resteasy-base-jaxrs-api is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604017
comment resteasy-base-jaxrs-api is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011016

AND

comment resteasy-base-jettison-provider is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604019
comment resteasy-base-jettison-provider is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011018

AND

comment resteasy-base-providers-pom is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604021
comment resteasy-base-providers-pom is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011020

AND

comment resteasy-base-resteasy-pom is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604023
comment resteasy-base-resteasy-pom is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20162604024

AND

comment resteasy-base-tjws is earlier than 0:3.0.6-4.el7
oval oval:com.redhat.rhsa:tst:20162604025
comment resteasy-base-tjws is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20141011022

rhsa

id	RHSA-2016:2604
released	2016-11-03
severity	Important
title	RHSA-2016:2604: resteasy-base security and bug fix update (Important)

rpms

resteasy-base-0:3.0.6-4.el7
resteasy-base-atom-provider-0:3.0.6-4.el7
resteasy-base-client-0:3.0.6-4.el7
resteasy-base-jackson-provider-0:3.0.6-4.el7
resteasy-base-javadoc-0:3.0.6-4.el7
resteasy-base-jaxb-provider-0:3.0.6-4.el7
resteasy-base-jaxrs-0:3.0.6-4.el7
resteasy-base-jaxrs-all-0:3.0.6-4.el7
resteasy-base-jaxrs-api-0:3.0.6-4.el7
resteasy-base-jettison-provider-0:3.0.6-4.el7
resteasy-base-providers-pom-0:3.0.6-4.el7
resteasy-base-resteasy-pom-0:3.0.6-4.el7
resteasy-base-tjws-0:3.0.6-4.el7

refmap via4

confirm

https://bugzilla.redhat.com/show_bug.cgi?id=1378613

Last major update

16-06-2017 - 12:03

Published

08-06-2017 - 19:29

Last modified

16-06-2017 - 12:03