cnvd - cnvd-2016-11769

cnvd-2016-11769

Vulnerability from cnvd

Title: Apache Karaf远程代码执行漏洞

Description:

Karaf是Apache旗下的开源项目，提供一个可以用于部署各种组件、应用程序的OSGi容器。

Apache Karaf存在远程代码执行漏洞。攻击者利用漏洞可在受影响应用程序的上下文中执行任意代码，导致拒绝服务条件。

Severity: 高

Patch Name: Apache Karaf远程代码执行漏洞的补丁

Patch Description:

Karaf是Apache旗下的开源项目，提供一个可以用于部署各种组件、应用程序的OSGi容器。

Apache Karaf存在远程代码执行漏洞。攻击者利用漏洞可在受影响应用程序的上下文中执行任意代码，导致拒绝服务条件。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已提供漏洞修补方案，请关注厂商主页及时更新： http://karaf.apache.org/

Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1395077

Impacted products

Name
['Red Hat JBoss Fuse 6.0.0', 'Red Hat JBoss A-MQ 6.3', 'Apache Karaf 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94513"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8648"
    }
  },
  "description": "Karaf\u662fApache\u65d7\u4e0b\u7684\u5f00\u6e90\u9879\u76ee\uff0c\u63d0\u4f9b\u4e00\u4e2a\u53ef\u4ee5\u7528\u4e8e\u90e8\u7f72\u5404\u79cd\u7ec4\u4ef6\u3001\u5e94\u7528\u7a0b\u5e8f\u7684OSGi\u5bb9\u5668\u3002\r\n\r\nApache Karaf\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6761\u4ef6\u3002",
  "discovererName": "Jason Shepherd of Red Hat.",
  "formalWay": "\u5382\u5546\u5df2\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttp://karaf.apache.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11769",
  "openTime": "2016-12-02",
  "patchDescription": "Karaf\u662fApache\u65d7\u4e0b\u7684\u5f00\u6e90\u9879\u76ee\uff0c\u63d0\u4f9b\u4e00\u4e2a\u53ef\u4ee5\u7528\u4e8e\u90e8\u7f72\u5404\u79cd\u7ec4\u4ef6\u3001\u5e94\u7528\u7a0b\u5e8f\u7684OSGi\u5bb9\u5668\u3002\r\n\r\nApache Karaf\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53ef\u5728\u53d7\u5f71\u54cd\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6761\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Karaf\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Red Hat JBoss Fuse 6.0.0",
      "Red Hat JBoss A-MQ 6.3",
      "Apache Karaf 0"
    ]
  },
  "referenceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=1395077",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-30",
  "title": "Apache Karaf\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2016-8648 (GCVE-0-2016-8648)

Vulnerability from cvelistv5

Published

2018-08-01 14:00

Modified

2024-08-06 02:27

Severity ?

7.2 (High) - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-502

Summary

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain deserialization gadgets in its classpath.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/94513	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8648	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Karaf	Version: As shipped with Jboss Fuse 6.x

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.427Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "94513",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94513"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8648"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Karaf",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "As shipped with Jboss Fuse 6.x"
            }
          ]
        }
      ],
      "datePublic": "2016-11-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain deserialization gadgets in its classpath."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-502",
              "description": "CWE-502",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-02T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "94513",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94513"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8648"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-8648",
    "datePublished": "2018-08-01T14:00:00",
    "dateReserved": "2016-10-12T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.427Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted