Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for webMethods OneData by Software AG
CVE-2023-0925 (GCVE-0-2023-0925)
Vulnerability from cvelistv5 – Published: 2023-09-06 17:27 – Updated: 2024-09-26 19:12
VLAI
Title
Software AG webMethods OneData Deserialization Vulnerability
Summary
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port).
Port 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Software AG | webMethods OneData |
Affected:
10.11
|
|
| softwareag | webmethods |
Affected:
10.11
cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:* |
|
| azul | zulu |
Affected:
11.0.15
cpe:2.3:a:azul:zulu:11.0.15:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:34.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webmethods",
"vendor": "softwareag",
"versions": [
{
"status": "affected",
"version": "10.11"
}
]
},
{
"cpes": [
"cpe:2.3:a:azul:zulu:11.0.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zulu",
"vendor": "azul",
"versions": [
{
"status": "affected",
"version": "11.0.15"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0925",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T19:10:11.367016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T19:12:41.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "webMethods OneData",
"vendor": "Software AG",
"versions": [
{
"status": "affected",
"version": "10.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port).\r\n\r\nPort 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T17:27:05.357Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Software AG webMethods OneData Deserialization Vulnerability",
"x_generator": {
"engine": "VINCE 2.1.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0925"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-0925",
"datePublished": "2023-09-06T17:27:05.357Z",
"dateReserved": "2023-02-20T16:59:11.959Z",
"dateUpdated": "2024-09-26T19:12:41.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0925 (GCVE-0-2023-0925)
Vulnerability from nvd – Published: 2023-09-06 17:27 – Updated: 2024-09-26 19:12
VLAI
Title
Software AG webMethods OneData Deserialization Vulnerability
Summary
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port).
Port 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Software AG | webMethods OneData |
Affected:
10.11
|
|
| softwareag | webmethods |
Affected:
10.11
cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:* |
|
| azul | zulu |
Affected:
11.0.15
cpe:2.3:a:azul:zulu:11.0.15:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:24:34.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:softwareag:webmethods:10.11:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webmethods",
"vendor": "softwareag",
"versions": [
{
"status": "affected",
"version": "10.11"
}
]
},
{
"cpes": [
"cpe:2.3:a:azul:zulu:11.0.15:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zulu",
"vendor": "azul",
"versions": [
{
"status": "affected",
"version": "11.0.15"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-0925",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T19:10:11.367016Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T19:12:41.171Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "webMethods OneData",
"vendor": "Software AG",
"versions": [
{
"status": "affected",
"version": "10.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port).\r\n\r\nPort 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T17:27:05.357Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Software AG webMethods OneData Deserialization Vulnerability",
"x_generator": {
"engine": "VINCE 2.1.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-0925"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2023-0925",
"datePublished": "2023-09-06T17:27:05.357Z",
"dateReserved": "2023-02-20T16:59:11.959Z",
"dateUpdated": "2024-09-26T19:12:41.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}