{"vulnerability": "cve-2017-12149", "sightings": [{"uuid": "53055f45-8563-430a-8239-83ea77c3c328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "MISP/5c0fd6cc-f868-4dca-890c-1ea30a021402", "content": "", "creation_timestamp": "2018-12-11T15:50:28.000000Z"}, {"uuid": "c4e928e7-ac4e-4f98-ac4a-ebf7a743e9f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:03.000000Z"}, {"uuid": "60373f10-2b69-4117-895a-6078f4046722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971186", "content": "", "creation_timestamp": "2024-12-24T20:25:33.495028Z"}, {"uuid": "9c233802-d8fd-4477-8eb3-f0d36f07720a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "565c2d1c-f8cd-4520-a156-528d16a5db11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-04)", "content": "", "creation_timestamp": "2025-01-04T00:00:00.000000Z"}, {"uuid": "64467944-3174-4107-9fb8-e04f90afb69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-11-02)", "content": "", "creation_timestamp": "2024-11-02T00:00:00.000000Z"}, {"uuid": "ffb92d44-ebde-495f-a109-485ae66a394b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:14.000000Z"}, {"uuid": "a18c99f2-8fbb-4475-90b0-47626d8919a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-11-21)", "content": "", "creation_timestamp": "2024-11-21T00:00:00.000000Z"}, {"uuid": "ae7e7a44-b15b-4acd-80f3-b646c4d91faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:52.000000Z"}, {"uuid": "94107c4d-804c-4455-bd7e-0910d79413a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "c64b1790-b01c-4d7f-bb83-0f48e11c286f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://gist.github.com/beerandgin/a999d21835751417f8d1ac219eec40a4", "content": "", "creation_timestamp": "2026-03-04T22:30:33.000000Z"}, {"uuid": "0796ab53-a096-40a6-b0c6-4bcc48a3b941", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/jboss_vulnscan.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "f50df728-b033-4110-a45a-2f070ec1f355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-12149", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8b30021e-4d23-4ec2-95e7-6fd1a039d016", "content": "", "creation_timestamp": "2026-02-02T12:25:26.980991Z"}, {"uuid": "4668c0a9-2800-4ba3-9e78-8de22bc78fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2017-12149", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e98fa7a6-caab-4984-9762-e03b84ad147a", "content": "", "creation_timestamp": "2026-02-02T12:28:31.523446Z"}, {"uuid": "6bf54e34-d850-47c4-85cd-110035079657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://t.me/arpsyndicate/1493", "content": "#ExploitObserverAlert\n\nCVE-2017-12149\n\nDESCRIPTION: Exploit Observer has 97 entries related to CVE-2017-12149. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.\n\nFIRST-EPSS: 0.971900000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-06T14:20:16.000000Z"}, {"uuid": "0f3d6c1b-c1cc-4a6e-961d-e3eab4fbc2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://t.me/arpsyndicate/200", "content": "#ExploitObserverAlert\n\nCVE-2017-12149\n\nDESCRIPTION: Exploit Observer has 93 entries related to CVE-2017-12149. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.\n\nFIRST-EPSS: 0.971900000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-17T04:37:31.000000Z"}, {"uuid": "7d56fd06-d02a-4a65-818e-c2dd149f858e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-12149", "type": "seen", "source": "https://t.me/arpsyndicate/1563", "content": "#ExploitObserverAlert\n\nCVE-2017-12149\n\nDESCRIPTION: Exploit Observer has 95 entries related to CVE-2017-12149. In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was found that the doFilter method in the ReadOnlyAccessFilter of the HTTP Invoker does not restrict classes for which it performs deserialization and thus allowing an attacker to execute arbitrary code via crafted serialized data.\n\nFIRST-EPSS: 0.971900000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-08T12:55:28.000000Z"}]}