var-201809-1154
Vulnerability from variot

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It uses a Java Remote Method Invocation (RMI) service for remote control. In EAP Controller versions 2.5.3 and earlier the RMI interface requires no authentication before use, so RMI service commands lack user authentication. A remote attacker can carry out deserialization attacks over the RMI protocol; a successful attack may allow the attacker to take control of the target server and execute Java functions or bytecode.

TP-LINK EAP Controller is vulnerable to missing authentication for critical functions. Information may be disclosed or altered, and service operation may be disrupted (DoS).

The deserialization process of the Apache Commons Collections (ACC) library is vulnerable. A Java application that uses the ACC library directly, or that has the ACC library reachable on its class path, may be made to execute arbitrary code.

Apache Commons Collections (ACC) library: http://commons.apache.org/proper/commons-collections/

Deserialization of untrusted data (CWE-502): http://cwe.mitre.org/data/definitions/502.html

At AppSec California 2015, held in January 2015, Gabriel Lawrence and Chris Frohoff presented a vulnerability in the deserialization of untrusted data and showed that it could lead to arbitrary code execution. Any Java application or Java library that uses the serialization facility inappropriately is affected by this vulnerability.

Lecture by Gabriel Lawrence and Chris Frohoff: http://frohoff.github.io/appseccali-marshalling-pickles/

In November 2015, Stephen Breen of Foxglove Security pointed out that this problem exists in the Apache Commons Collections (ACC) library, and in particular that arbitrary code can be executed when the InvokerTransformer class is used while deserializing untrusted data. Software that uses the ACC library, such as WebSphere, Jenkins, WebLogic and OpenNMS, is also affected.

Stephen Breen of Foxglove Security (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.): http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Jenkins: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11

WebLogic: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793&sh=&cmid=WWSU12091612MPP001C179

ACC library versions 3.2.1 and 4.0 are both affected by this vulnerability.

Versions 3.2.1 and 4.0: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread

The Apache Software Foundation has posted its official view of the vulnerability on its blog, including advice on countermeasures and links to related information. An entry for this vulnerability (COLLECTIONS-580) has also been created in its bug tracking system.

Official view: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread

Entry for this vulnerability (COLLECTIONS-580): https://issues.apache.org/jira/browse/COLLECTIONS-580

Besides ACC, the same problem is being investigated in Groovy and Spring. In their presentation material, Lawrence and Frohoff state that the same problem exists in applications and libraries written not only in Java but also in Python and Ruby. Regardless of the programming language or library used, it is important to consider data serialization functionality carefully from the software design stage.

A Java application or Java library that uses the Apache Commons Collections library may be made to execute arbitrary Java code. Even if the ACC library is not used directly, arbitrary Java code may be executed if the ACC library is reachable on the class path. The ACC library extends and adds to the Java collections framework.

TP-LINK EAP Controller is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks. EAP Controller version 2.5.3 and prior are vulnerable.

Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products

Advisory ID: cisco-sa-20151209-java-deserialization

Revision 1.0

For Public Release: 2015 December 9 16:00 GMT
+---------------------------------------------------------------------

Summary
=======

A vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code.

The vulnerability is due to insecure deserialization of user-supplied content by the affected software. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information.

Object serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object.

Many applications accept serialized objects from the network without performing input validation checks before deserializing them.

Additional details about the vulnerability are available at the following links:

Official Vulnerability Note from CERT: http://www.kb.cert.org/vuls/id/576313

Foxglove Security: http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

Apache Commons Statement: https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread

Oracle Security Alert: https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852

Cisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization




{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201809-1154",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "eap controller",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "tp link",
        "version": "2.5.3"
      },
      {
        "model": "eap controller",
        "scope": "eq",
        "trust": 1.5,
        "vendor": "tp link",
        "version": "2.5.3"
      },
      {
        "model": "eap controller",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "tp link",
        "version": "2.4.8"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "tp link",
        "version": null
      },
      {
        "model": "capssuite",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "infoframe relational store",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "systemdirector enterprise",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "webotx",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "jenkins",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "jenkins ci",
        "version": "0"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "3.2.1"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "4.0"
      },
      {
        "model": "commons collections",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "3.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "BID",
        "id": "105402"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:tp-link:eap_controller",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "foxglovesecurity",
    "sources": [
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2018-5393",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-5393",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2015-005930",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-13604",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-135424",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-5393",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-5393",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-5393",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2015-005930",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-13604",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201809-1168",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-135424",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-5393",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The TP-LINK EAP Controller is TP-LINK\u0027s software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service commands in EAP controller versions 2.5.3 and earlier. Remote attackers can implement deserialization attacks through the RMI protocol. Successful attacks may allow a remote attacker to remotely control the target server and execute Java functions or bytecode. TP-LINK EAP Controller Is vulnerable to a lack of authentication for critical functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apache Commons Collections (ACC) The library deserialization process is vulnerable. Java Application ACC When using the library directly or within the range accessible by specifying the class path ACC If a library is installed, arbitrary code may be executed. Apache Commons Collections (ACC) Library http://commons.apache.org/proper/commons-collections/ Deserialize untrusted data (CWE-502) 2015 Year 1 Held on the moon AppSec California 2015 In Gabriel Lawrence Mr. and Chris Frohoff He talked about a vulnerability that could deserialize untrusted data and showed that it could execute arbitrary code. Any use of the serialization function that is not appropriate Java Application or Java Libraries are affected by this vulnerability. Deserialize untrusted data (CWE-502) http://cwe.mitre.org/data/definitions/502.html Gabriel Lawrence Mr. and Chris Frohoff Mr. Lecture http://frohoff.github.io/appseccali-marshalling-pickles/ 2015 Year 11 A month Foxglove Security of Stephen Breen Mr. 
this problem Apache Commons Collections (ACC) Exist in the library, especially for deserializing untrusted data InvokerTransformer It was pointed out that arbitrary code could be executed when using classes. ACC Software that uses the library, WebSphere , Jenkins , WebLogic , OpenNMS Etc. are also affected. Foxglove Security of Stephen Breen Mr (What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.) http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ Jenkins https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11 WebLogic http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html?elq_mid=31793\u0026sh=\u0026cmid=WWSU12091612MPP001C179 ACC Library version 3.2.1 , 4.0 Both are affected by this vulnerability. version 3.2.1 , 4.0 https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Apache Software Fondation Has posted an official view of the vulnerability on its blog. Here you can find advice on countermeasures and links to related information. In addition, entries related to this vulnerability (COLLECTIONS-580) Is built on a bug management system. Official view https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread Entries related to this vulnerability (COLLECTIONS-580) https://issues.apache.org/jira/browse/COLLECTIONS-580 ACC other than, Groovy And Spring The same problem is being investigated for these issues. Lawrence Mr. and Frohoff In his presentation material, Java not only Python And Ruby It is stated that the same problem exists in applications and libraries written in the above. 
Regardless of the programming language or library used, it is important to fully consider the data serialization capabilities from the software design stage.Apache Commons Collections I\u0027m using a library Java Application or Java Library is optional Java It may be possible to execute code. Also, ACC Even if the library is not used directly, it can be accessed by specifying the class path. ACC If the library exists, any Java It may be possible to execute code. It can extend or add Java collections framework. TP-LINK EAP Controller is prone to an authentication-bypass vulnerability. \nAn  attacker can exploit this issue to bypass the authentication  mechanism and perform unauthorized actions. This may lead to further  attacks. \nEAP Controller version 2.5.3 and prior are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nCisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products\n\nAdvisory ID: cisco-sa-20151209-java-deserialization\n\nRevision 1.0\n\nFor Public Release: 2015 December 9 16:00  GMT\n+---------------------------------------------------------------------\n\nSummary\n=======\n\nA vulnerability in the Java deserialization used by the Apache Commons Collections (ACC) library could allow an unauthenticated, remote attacker to execute arbitrary code. \n\nThe vulnerability is due to insecure deserialization of user-supplied content by the affected software. The report contains detailed proof-of-concept code for a number of applications, including WebSphere Application Server, JBoss, Jenkins, OpenNMS, and WebLogic. A wide range of potential impacts includes allowing the attacker to obtain sensitive information. \n\nObject serialization is a technique that many programming languages use to convert an object into a sequence of bits for transfer purposes. Deserialization is a technique that reassembles those bits back to an object. 
\n\nMany applications accept serialized objects from the network without performing input validation checks before deserializing it. \n\nAdditional details about the vulnerability are available at the following links:\n\nOfficial Vulnerability Note from CERT:\nhttp://www.kb.cert.org/vuls/id/576313\n\nFoxglove Security:\nhttp://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\n\nApache Commons Statement:\nhttps://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread\n\nOracle Security Alert:\nhttps://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\n\nCisco will release software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. \n\nThis advisory is available at the following link:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJWaE9BAAoJEIpI1I6i1Mx31a0QALya6VDmcGiyx3AlCzsKGISc\n3NJP4PPjVFGjHQmB/+bXn1zXLZ63JgbOZuG9pLxhmJpPMxQI8jeXEHqzVmrA9cOj\nu/QRGkITxQaRS50cwFJXPDOVWWCTcHLhuk83Ofih8vhC8UPBy1FGMBl5rpVLDkG9\nue8yX5ACEQ078F78dpcnJmbv1Hxu021wI+nM3pn7C/aOrJ1wSNop8KkFZ+VHzbKY\naeuMFqhal+ePx+JoIC4JMrTll/BLxjI17tKrzXas6D4zKNGSO0WxnEFjDWuPlc89\n2y3DnaVc0eeAVPy3ODN6wJzuro4w69z1GrvXPkBfVe9WNKD1lMGRUPMRwnb/zjxu\nDT8Ms4LDaVCLDZ01ox3BpuZIDBP1q2Xk6ToObeHUNMSDM9IuMeVOz9BtxJxO8Yp/\nYfVaoqkM6Vrf5oXKUvWow0r19+ODp18JUnc8qT7Cj0b9PwtlOUqpsNE+cAzPyZh7\nUBYLPm2AZypOgw4ryUf66p3l+NGLvLdA+A1u0m+YfXSrsuEFCosUeppmZMvgzEME\n7TDSbOlt6yj9W/U3ioYbhLWk1D2whTyDybXz4MLaPTPxfxozyePOcthU7R/PVGrU\nM0Do8nugnDXE0rYVRooF3+A/6ahoKUb9QR00O4xN4A94lfXqgc6t+180S4vavgxS\ng9ZP7zYVhaDCRufDoNVI\n=nsL1\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      },
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "BID",
        "id": "105402"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      }
    ],
    "trust": 4.95
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#581311",
        "trust": 3.7
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "105402",
        "trust": 2.1
      },
      {
        "db": "CERT/CC",
        "id": "VU#576313",
        "trust": 2.0
      },
      {
        "db": "BID",
        "id": "77521",
        "trust": 0.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94276522",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "134752",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "BID",
        "id": "105402"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "id": "VAR-201809-1154",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      }
    ],
    "trust": 0.06999999999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:13:15.103000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "EAP Controller",
        "trust": 0.8,
        "url": "https://www.tp-link.com/us/products/details/cat-4908_EAP-Controller.html"
      },
      {
        "title": "Apache Commons statement to widespread Java object de-serialisation vulnerability",
        "trust": 0.8,
        "url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
      },
      {
        "title": "COLLECTIONS-580: Arbitrary remote code execution with InvokerTransformer",
        "trust": 0.8,
        "url": "https://issues.apache.org/jira/browse/COLLECTIONS-580"
      },
      {
        "title": "cisco-sa-20151209-java-deserialization",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization"
      },
      {
        "title": "HS16-010",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS16-010/index.html"
      },
      {
        "title": "1970575",
        "trust": 0.8,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970575"
      },
      {
        "title": "Jenkins Security Advisory 2015-11-11",
        "trust": 0.8,
        "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11"
      },
      {
        "title": "NV16-002",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv16-002.html"
      },
      {
        "title": "Secure Coding Guidelines for Java SE",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/java/seccodeguide-139067.html#8"
      },
      {
        "title": "Oracle Security Alert for CVE-2015-4852",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
      },
      {
        "title": "HS16-010",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS16-010/index.html"
      },
      {
        "title": "\u65e5\u7acb\u30c7\u30a3\u30b9\u30af\u30a2\u30ec\u30a4\u30b7\u30b9\u30c6\u30e0\u306b\u304a\u3051\u308bSVP \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30db\u30fc\u30eb",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/products/it/storage-solutions/techsupport/sec_info/sec_acc20160328.html"
      },
      {
        "title": "TP-LinkEAPControllerforLinux authentication bypasses the patch for the vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/160751"
      },
      {
        "title": "TP-Link EAP Controller for Linux Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85202"
      },
      {
        "title": "Java-Deserialization-CVEs",
        "trust": 0.1,
        "url": "https://github.com/PalindromeLabs/Java-Deserialization-CVEs "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-306",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "https://www.kb.cert.org/vuls/id/581311"
      },
      {
        "trust": 2.0,
        "url": "https://www.kb.cert.org/vuls/id/576313"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/105402"
      },
      {
        "trust": 1.4,
        "url": "https://www.tp-link.com/en/download/eap220.html#controller_software"
      },
      {
        "trust": 1.2,
        "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
      },
      {
        "trust": 0.9,
        "url": "http://cwe.mitre.org/data/definitions/306.html"
      },
      {
        "trust": 0.8,
        "url": "https://docs.oracle.com/javase/8/docs/technotes/guides/rmi/rmi_security_recommendations.html"
      },
      {
        "trust": 0.8,
        "url": "http://cwe.mitre.org/data/definitions/502.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5393"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-5393"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu94276522/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://frohoff.github.io/appseccali-marshalling-pickles/"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/77521"
      },
      {
        "trust": 0.3,
        "url": "http://www.tp-link.com"
      },
      {
        "trust": 0.3,
        "url": "https://issues.apache.org/jira/browse/collections-580"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/oss-sec/2015/q4/237"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/oss-sec/2015/q4/241"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://blogs.apache.org/foundation/entry/apache_commons_statement_to_widespread"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151209-java-deserialization"
      },
      {
        "trust": 0.1,
        "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
      },
      {
        "trust": 0.1,
        "url": "http://gpgtools.org"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "BID",
        "id": "105402"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "db": "BID",
        "id": "105402"
      },
      {
        "db": "BID",
        "id": "77521"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-09-26T00:00:00",
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "date": "2019-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "date": "2018-09-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "date": "2018-09-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "date": "2018-09-18T00:00:00",
        "db": "BID",
        "id": "105402"
      },
      {
        "date": "2015-11-08T00:00:00",
        "db": "BID",
        "id": "77521"
      },
      {
        "date": "2019-02-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "date": "2015-11-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "date": "2015-12-10T17:22:52",
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "date": "2015-11-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "date": "2018-09-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "date": "2018-09-28T17:29:00.483000",
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-08T00:00:00",
        "db": "CERT/CC",
        "id": "VU#581311"
      },
      {
        "date": "2019-05-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-13604"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-135424"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-5393"
      },
      {
        "date": "2018-09-18T00:00:00",
        "db": "BID",
        "id": "105402"
      },
      {
        "date": "2015-12-08T22:09:00",
        "db": "BID",
        "id": "77521"
      },
      {
        "date": "2019-02-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-013057"
      },
      {
        "date": "2018-02-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005930"
      },
      {
        "date": "2015-12-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      },
      {
        "date": "2024-11-21T04:08:44.320000",
        "db": "NVD",
        "id": "CVE-2018-5393"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "134752"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-421"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      }
    ],
    "trust": 1.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#581311"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access control error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201809-1168"
      }
    ],
    "trust": 0.6
  }
}

