Vulnerability-Lookup

CVE-2015-4852 (GCVE-0-2015-4852)

Vulnerability from cvelistv5 – Published: 2015-11-18 15:00 – Updated: 2025-10-21 23:55

CISA KEVIntel

Summary

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: active Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-502 - Deserialization of Untrusted Data

Assigner

oracle

References

16 references

URL	Tags
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
https://github.com/foxglovesec/JavaUnserializeExp…	x_refsource_MISC
http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
https://blogs.oracle.com/security/entry/security_…	x_refsource_CONFIRM
http://www.securitytracker.com/id/1038292	vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/77539	vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2015/1…	mailing-listx_refsource_MLIST
https://www.exploit-db.com/exploits/42806/	exploitx_refsource_EXPLOIT-DB
http://foxglovesecurity.com/2015/11/06/what-do-we…	x_refsource_MISC
http://packetstormsecurity.com/files/152268/Oracl…	x_refsource_MISC
https://www.exploit-db.com/exploits/46628/	exploitx_refsource_EXPLOIT-DB
https://www.cisa.gov/known-exploited-vulnerabilit…	government-resource

Date Public

2015-11-06 00:00

CISA

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: bc0dbb5d-f75c-4af4-b98a-c070599eca8a

Vulnerability ID: CVE-2015-4852

Status: Confirmed

Status Updated: 2021-11-03 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-03

Asserted: 2021-11-03

Scope

Notes: KEV entry: Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability | Affected: Oracle / WebLogic Server | Description: Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-05-03 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2015-4852

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-502
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	WebLogic Server
Due Date	2022-05-03
Date Added	2021-11-03
Vendorproject	Oracle
Vulnerabilityname	Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2015-4852

Created: 2026-02-02 12:28 UTC | Updated: 2026-02-06 07:17 UTC

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 1748f4fc-b299-4e58-8611-d2b4bf3ba633

Vulnerability ID: CVE-2015-4852

Status: Confirmed

Status Updated: 2021-11-03 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2021-11-03

Asserted: 2021-11-03

Scope

Notes: KEVIntel entry: The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary... | Affected: Oracle / WebLogic Server | CVSS: 9.8 (CRITICAL) | Used in malware: unknown | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Successful Exploitation

Confidence: 70%

Source: kevintel

Details

Feed	KEVIntel (kevintel.com)
Title	The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary...
Vendor	Oracle
Product	WebLogic Server
Added Date	2021-11-03T00:00:00.000Z
Cvss Score	9.8
Epss Score	None
Cvss Severity	CRITICAL
Epss Percentile	None
Used In Malware	unknown
Ahead Of Cisa Kev	None
Not Yet In Cisa Kev	False

References

Created: 2026-06-19 12:48 UTC | Updated: 2026-06-19 12:48 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:25:21.906Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
          },
          {
            "name": "1038292",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038292"
          },
          {
            "name": "77539",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/77539"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
          },
          {
            "name": "[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
          },
          {
            "name": "42806",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/42806/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
          },
          {
            "name": "46628",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46628/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2015-4852",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T18:47:31.977399Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-502",
                "description": "CWE-502 Deserialization of Untrusted Data",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:55:57.062Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2015-4852 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-11-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-28T18:06:07.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
        },
        {
          "name": "1038292",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038292"
        },
        {
          "name": "77539",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/77539"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
        },
        {
          "name": "[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
        },
        {
          "name": "42806",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/42806/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
        },
        {
          "name": "46628",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46628/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2015-4852",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
            },
            {
              "name": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py",
              "refsource": "MISC",
              "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852",
              "refsource": "CONFIRM",
              "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
            },
            {
              "name": "1038292",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038292"
            },
            {
              "name": "77539",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/77539"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
            },
            {
              "name": "[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
            },
            {
              "name": "42806",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/42806/"
            },
            {
              "name": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",
              "refsource": "MISC",
              "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
            },
            {
              "name": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
            },
            {
              "name": "46628",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46628/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2015-4852",
    "datePublished": "2015-11-18T15:00:00.000Z",
    "dateReserved": "2015-06-24T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:55:57.062Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2015-4852",
      "cwes": "[\"CWE-502\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2015-4852",
      "product": "WebLogic Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability"
    },
    "epss": {
      "cve": "CVE-2015-4852",
      "date": "2026-06-22",
      "epss": "0.96032",
      "percentile": "0.99868"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-05-03",
      "cisaExploitAdd": "2021-11-03",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.5.2\", \"matchCriteriaId\": \"45481099-946B-4481-8188-0B835672CDDD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E55B3AA9-69BE-4136-8C3A-FD0DDCD3FA4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B40B13B7-68B3-4510-968C-6A730EB46462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F8FA254-89F1-4E9D-92A0-1AC3BC62CA7B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C93CC705-1F8C-4870-99E6-14BF264C3811\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F57085F-A922-421B-BD10-ECC4F3CB34C2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.\"}, {\"lang\": \"es\", \"value\": \"El componente WLS Security en Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0 y 12.2.1.0 permite a atacantes remotos ejecutar comandos arbitrarios a trav\\u00e9s de un objeto Java serializado manipulado en el tr\\u00e1fico del protocolo T3 al puerto 7001 TCP, relacionado con oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTA: el alcance de esta CVE se limita al producto WebLogic Server.\"}]",
      "id": "CVE-2015-4852",
      "lastModified": "2024-11-21T02:31:52.913",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-11-18T15:59:00.133",
      "references": "[{\"url\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/11/17/19\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/77539\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id/1038292\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42806/\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46628/\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/11/17/19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/77539\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securitytracker.com/id/1038292\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Product\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42806/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46628/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Undergoing Analysis",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-502\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-4852\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2015-11-18T15:59:00.133\",\"lastModified\":\"2026-04-21T19:14:06.773\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.\"},{\"lang\":\"es\",\"value\":\"El componente WLS Security en Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0 y 12.2.1.0 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un objeto Java serializado manipulado en el tr\u00e1fico del protocolo T3 al puerto 7001 TCP, relacionado con oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTA: el alcance de esta CVE se limita al producto WebLogic Server.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.5.2\",\"matchCriteriaId\":\"45481099-946B-4481-8188-0B835672CDDD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55B3AA9-69BE-4136-8C3A-FD0DDCD3FA4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B40B13B7-68B3-4510-968C-6A730EB46462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F8FA254-89F1-4E9D-92A0-1AC3BC62CA7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C93CC705-1F8C-4870-99E6-14BF264C3811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F57085F-A922-421B-BD10-ECC4F3CB34C2\"}]}]}],\"references\":[{\"url\":\"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/11/17/19\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/77539\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1038292\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Product\"]},{\"url\":\"https://www.exploit-db.com/exploits/42806/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/46628/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/11/17/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/77539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securitytracker.com/id/1038292\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.exploit-db.com/exploits/42806/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/46628/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1038292\", \"name\": \"1038292\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/77539\", \"name\": \"77539\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/11/17/19\", \"name\": \"[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42806/\", \"name\": \"42806\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46628/\", \"name\": \"46628\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T06:25:21.906Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2015-4852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T18:47:31.977399Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2015-4852 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-502\", \"description\": \"CWE-502 Deserialization of Untrusted Data\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T18:47:11.566Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2015-11-06T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.securitytracker.com/id/1038292\", \"name\": \"1038292\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/77539\", \"name\": \"77539\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/11/17/19\", \"name\": \"[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42806/\", \"name\": \"42806\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46628/\", \"name\": \"46628\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2019-03-28T18:06:07.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"name\": \"https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"name\": \"https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.securitytracker.com/id/1038292\", \"name\": \"1038292\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/77539\", \"name\": \"77539\", \"refsource\": \"BID\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/11/17/19\", \"name\": \"[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw\", \"refsource\": \"MLIST\"}, {\"url\": \"https://www.exploit-db.com/exploits/42806/\", \"name\": \"42806\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"name\": \"http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.exploit-db.com/exploits/46628/\", \"name\": \"46628\", \"refsource\": \"EXPLOIT-DB\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2015-4852\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2015-4852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:57.062Z\", \"dateReserved\": \"2015-06-24T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2015-11-18T15:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2015-AVI-484

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle WebLogic Server. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Oracle WebLogic Server versions 10.3.6.0, 12.1.1.0, 12.1.2.0 et 12.1.3.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 10 novembre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOracle WebLogic Server versions 10.3.6.0, 12.1.1.0, 12.1.2.0  et 12.1.3.0\u003c/P\u003e",
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4852"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-484",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle WebLogic Server\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 10 novembre 2015",
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
    }
  ]
}

CERTFR-2017-AVI-120

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle Sun Systems Products Suite. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle Solaris Cluster version 4.3
Oracle	N/A	Oracle SuperCluster Specific Software version 2.3.13
Oracle	N/A	Oracle Solaris version 11.3
Oracle	N/A	Oracle SuperCluster Specific Software version 2.3.8
Oracle	N/A	Oracle Solaris version 10
Oracle	N/A	Oracle StorageTek Tape Analytics SW Tool versions antérieures à 2.2.1
Oracle	N/A	Oracle Sun ZFS Storage Appliance Kit (AK) version AK 2013

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	-	other
Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle Solaris Cluster version 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle SuperCluster Specific Software version 2.3.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris version 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle SuperCluster Specific Software version 2.3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris version 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle StorageTek Tape Analytics SW Tool versions ant\u00e9rieures \u00e0 2.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Sun ZFS Storage Appliance Kit (AK) version AK 2013",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3580"
    },
    {
      "name": "CVE-2016-5551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5551"
    },
    {
      "name": "CVE-2017-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3510"
    },
    {
      "name": "CVE-2017-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3551"
    },
    {
      "name": "CVE-2017-3623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3623"
    },
    {
      "name": "CVE-2017-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3565"
    },
    {
      "name": "CVE-2017-3622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3622"
    },
    {
      "name": "CVE-2015-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
    },
    {
      "name": "CVE-2017-3498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3498"
    },
    {
      "name": "CVE-2017-3474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3474"
    },
    {
      "name": "CVE-2016-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3607"
    },
    {
      "name": "CVE-2017-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3621"
    },
    {
      "name": "CVE-2017-3564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3564"
    },
    {
      "name": "CVE-2017-3582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3582"
    },
    {
      "name": "CVE-2017-3584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3584"
    },
    {
      "name": "CVE-2016-5019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5019"
    },
    {
      "name": "CVE-2017-3497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3497"
    },
    {
      "name": "CVE-2017-3585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3585"
    },
    {
      "name": "CVE-2017-3578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3578"
    },
    {
      "name": "CVE-2017-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3516"
    },
    {
      "name": "CVE-2015-4852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4852"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril    2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18    avril 2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html#SUNS"
    }
  ],
  "reference": "CERTFR-2017-AVI-120",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Sun Systems Products Suite\u003c/span\u003e. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18 avril 2017",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril 2017",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-484

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle WebLogic Server. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Oracle WebLogic Server versions 10.3.6.0, 12.1.1.0, 12.1.2.0 et 12.1.3.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 10 novembre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOracle WebLogic Server versions 10.3.6.0, 12.1.1.0, 12.1.2.0  et 12.1.3.0\u003c/P\u003e",
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4852"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-484",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-11-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle WebLogic Server\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle WebLogic Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 10 novembre 2015",
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
    }
  ]
}

CERTFR-2017-AVI-120

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle Solaris Cluster version 4.3
Oracle	N/A	Oracle SuperCluster Specific Software version 2.3.13
Oracle	N/A	Oracle Solaris version 11.3
Oracle	N/A	Oracle SuperCluster Specific Software version 2.3.8
Oracle	N/A	Oracle Solaris version 10
Oracle	N/A	Oracle StorageTek Tape Analytics SW Tool versions antérieures à 2.2.1
Oracle	N/A	Oracle Sun ZFS Storage Appliance Kit (AK) version AK 2013

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	None	vendor-advisory
Bulletin de sécurité Oracle cpuapr2017-3236618 du 18 avril 2017	-	other
Bulletin de sécurité Oracle cpuapr2017verbose-3236619 du 18 avril 2017	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle Solaris Cluster version 4.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle SuperCluster Specific Software version 2.3.13",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris version 11.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle SuperCluster Specific Software version 2.3.8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Solaris version 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle StorageTek Tape Analytics SW Tool versions ant\u00e9rieures \u00e0 2.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle Sun ZFS Storage Appliance Kit (AK) version AK 2013",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2017-3580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3580"
    },
    {
      "name": "CVE-2016-5551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5551"
    },
    {
      "name": "CVE-2017-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3510"
    },
    {
      "name": "CVE-2017-3551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3551"
    },
    {
      "name": "CVE-2017-3623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3623"
    },
    {
      "name": "CVE-2017-3565",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3565"
    },
    {
      "name": "CVE-2017-3622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3622"
    },
    {
      "name": "CVE-2015-7501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
    },
    {
      "name": "CVE-2017-3498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3498"
    },
    {
      "name": "CVE-2017-3474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3474"
    },
    {
      "name": "CVE-2016-3607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-3607"
    },
    {
      "name": "CVE-2017-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3621"
    },
    {
      "name": "CVE-2017-3564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3564"
    },
    {
      "name": "CVE-2017-3582",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3582"
    },
    {
      "name": "CVE-2017-3584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3584"
    },
    {
      "name": "CVE-2016-5019",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5019"
    },
    {
      "name": "CVE-2017-3497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3497"
    },
    {
      "name": "CVE-2017-3585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3585"
    },
    {
      "name": "CVE-2017-3578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3578"
    },
    {
      "name": "CVE-2017-3516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3516"
    },
    {
      "name": "CVE-2015-4852",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4852"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril    2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18    avril 2017",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html#SUNS"
    }
  ],
  "reference": "CERTFR-2017-AVI-120",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2017-04-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Sun Systems Products Suite\u003c/span\u003e. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Sun Systems Products Suite",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18 avril 2017",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril 2017",
      "url": null
    }
  ]
}

BDU:2015-12099

Vulnerability from fstec - Published: 18.11.2015

Title

Уязвимость сервера приложений Oracle WebLogic Server, позволяющая нарушителю выполнить произвольный код

Description

Уязвимость компонента WLS Security сервера приложений Oracle WebLogic Server связана с отсутствием мер по очистке входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код с помощью специальным образом сформированных объектов Java, передаваемых по TCP протоколу и связанных с oracle_common/modules/com.bea.core.apache.commons.collections.jar

Severity

Vendor

Oracle Corp.

Software Name

WebLogic Server, Retail Xstore Point of Service, Communications WebRTC Session Controller, Oracle Retail Clearance Optimization Engine, Communications Performance Intelligence Center (PIC) Software, Communications Application Session Controller, StorageTek Tape Analytics SW Tool

Software Version

10.3.6.0 (WebLogic Server), 12.2.1.0 (WebLogic Server), 12.1.3.0 (WebLogic Server), 12.1.2.0 (WebLogic Server), 7.0 (Retail Xstore Point of Service), до 7.2 (Communications WebRTC Session Controller), 7.1 (Retail Xstore Point of Service), 14.0 (Oracle Retail Clearance Optimization Engine), до 10.2.1 (Communications Performance Intelligence Center (PIC) Software), до 3.7.1M0 (Communications Application Session Controller), 13.2 (Oracle Retail Clearance Optimization Engine), 13.3 (Oracle Retail Clearance Optimization Engine), 13.4 (Oracle Retail Clearance Optimization Engine), 5.0 (Retail Xstore Point of Service), 5.5 (Retail Xstore Point of Service), 6.0 (Retail Xstore Point of Service), 6.5 (Retail Xstore Point of Service), до 2.2.1 (StorageTek Tape Analytics SW Tool)

Possible Mitigations

Использование рекомендаций производителя, доступных по адресу: http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html https://www.oracle.com/security-alerts/cpuapr2017.html https://www.oracle.com/security-alerts/cpujan2018.html https://www.oracle.com/security-alerts/cpuoct2016.html https://www.oracle.com/security-alerts/cpuoct2017.html

Reference

https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852 http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html http://www.openwall.com/lists/oss-security/2015/11/17/19 http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/ https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-extreme-scale-liberty-deployment/ https://www.oracle.com/security-alerts/cpuapr2017.html https://www.oracle.com/security-alerts/cpujan2018.html https://www.oracle.com/security-alerts/cpuoct2016.html https://www.oracle.com/security-alerts/cpuoct2017.html https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv

CWE

CWE-77

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10.3.6.0 (WebLogic Server), 12.2.1.0 (WebLogic Server), 12.1.3.0 (WebLogic Server), 12.1.2.0 (WebLogic Server), 7.0 (Retail Xstore Point of Service), \u0434\u043e 7.2 (Communications WebRTC Session Controller), 7.1 (Retail Xstore Point of Service), 14.0 (Oracle Retail Clearance Optimization Engine), \u0434\u043e 10.2.1 (Communications Performance Intelligence Center (PIC) Software), \u0434\u043e 3.7.1M0 (Communications Application Session Controller), 13.2 (Oracle Retail Clearance Optimization Engine), 13.3 (Oracle Retail Clearance Optimization Engine), 13.4 (Oracle Retail Clearance Optimization Engine), 5.0 (Retail Xstore Point of Service), 5.5 (Retail Xstore Point of Service), 6.0 (Retail Xstore Point of Service), 6.5 (Retail Xstore Point of Service), \u0434\u043e 2.2.1 (StorageTek Tape Analytics SW Tool)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043f\u043e \u0430\u0434\u0440\u0435\u0441\u0443:\n\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\nhttps://www.oracle.com/security-alerts/cpuapr2017.html\nhttps://www.oracle.com/security-alerts/cpujan2018.html\nhttps://www.oracle.com/security-alerts/cpuoct2016.html\nhttps://www.oracle.com/security-alerts/cpuoct2017.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "18.11.2015",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.12.2015",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2015-12099",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2015-4852",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "WebLogic Server, Retail Xstore Point of Service, Communications WebRTC Session Controller, Oracle Retail Clearance Optimization Engine, Communications Performance Intelligence Center (PIC) Software, Communications Application Session Controller, StorageTek Tape Analytics SW Tool",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Apple Inc. MacOS X 32-bit, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, Apple Inc. MacOS X 64-bit",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Oracle WebLogic Server, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0447\u0438\u0441\u0442\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c \u0443\u0440\u043e\u0432\u043d\u0435 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0443) (CWE-77)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 WLS Security \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Oracle WebLogic Server \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u043e\u0447\u0438\u0441\u0442\u043a\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 Java, \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u043f\u043e TCP \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0443 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 oracle_common/modules/com.bea.core.apache.commons.collections.jar",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py\nhttps://blogs.oracle.com/security/entry/security_alert_cve_2015_4852\nhttp://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html\nhttp://www.openwall.com/lists/oss-security/2015/11/17/19\nhttp://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/\nhttps://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-websphere-extreme-scale-liberty-deployment/\nhttps://www.oracle.com/security-alerts/cpuapr2017.html\nhttps://www.oracle.com/security-alerts/cpujan2018.html\nhttps://www.oracle.com/security-alerts/cpuoct2016.html\nhttps://www.oracle.com/security-alerts/cpuoct2017.html\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-77",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CNVD-2015-07707

Vulnerability from cnvd - Published: 2015-11-23

Title

Oracle WebLogic Server远程代码执行漏洞

Description

Oracle WebLogic Server是美国甲骨文（Oracle）公司的一款适用于云环境和传统环境的应用服务器，它提供了一个现代轻型开发平台，支持应用从开发到生产的整个生命周期管理，并简化了应用的部署和管理。WLS Security是其中的一个安全组件。 Oracle WebLogic Server的WLS Security组件存在安全漏洞。远程攻击者可通过发送到TCP 7001端口的T3协议流量中特制的序列化Java对象，利用该漏洞执行任意命令。

Severity

中

Patch Name

Oracle WebLogic Server远程代码执行漏洞的补丁

Patch Description

Oracle WebLogic Server是应用程序服务器。 Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0,12.2.1.0存在远程代码执行漏洞。允许远程攻击者通过在T3协议流量控制中，序列化Java对象到TCP端口7001，执行任意命令。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： http://www.openwall.com/lists/oss-security/2015/11/17/19

Reference

http://www.openwall.com/lists/oss-security/2015/11/17/19

Impacted products

Name
['Oracle WebLogic Server 10.3.6.0', 'Oracle WebLogic Server 12.1.2.0', 'Oracle WebLogic Server 12.1.3.0', 'Oracle WebLogic Server 12.2.1.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "77539"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-4852"
    }
  },
  "description": "Oracle WebLogic Server\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9002\u7528\u4e8e\u4e91\u73af\u5883\u548c\u4f20\u7edf\u73af\u5883\u7684\u5e94\u7528\u670d\u52a1\u5668\uff0c\u5b83\u63d0\u4f9b\u4e86\u4e00\u4e2a\u73b0\u4ee3\u8f7b\u578b\u5f00\u53d1\u5e73\u53f0\uff0c\u652f\u6301\u5e94\u7528\u4ece\u5f00\u53d1\u5230\u751f\u4ea7\u7684\u6574\u4e2a\u751f\u547d\u5468\u671f\u7ba1\u7406\uff0c\u5e76\u7b80\u5316\u4e86\u5e94\u7528\u7684\u90e8\u7f72\u548c\u7ba1\u7406\u3002WLS Security\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5b89\u5168\u7ec4\u4ef6\u3002\r\n\r\nOracle WebLogic Server\u7684WLS Security\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u5230TCP 7001\u7aef\u53e3\u7684T3\u534f\u8bae\u6d41\u91cf\u4e2d\u7279\u5236\u7684\u5e8f\u5217\u5316Java\u5bf9\u8c61\uff0c\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002",
  "discovererName": "Matthias Kaiser",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.openwall.com/lists/oss-security/2015/11/17/19",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-07707",
  "openTime": "2015-11-23",
  "patchDescription": "Oracle WebLogic Server\u662f\u5e94\u7528\u7a0b\u5e8f\u670d\u52a1\u5668\u3002\r\nOracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0,12.2.1.0\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5728T3\u534f\u8bae\u6d41\u91cf\u63a7\u5236\u4e2d\uff0c\u5e8f\u5217\u5316Java\u5bf9\u8c61\u5230TCP\u7aef\u53e37001\uff0c\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle WebLogic Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle WebLogic Server 10.3.6.0",
      "Oracle WebLogic Server  12.1.2.0",
      "Oracle WebLogic Server 12.1.3.0",
      "Oracle WebLogic Server 12.2.1.0"
    ]
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2015/11/17/19",
  "serverity": "\u4e2d",
  "submitTime": "2015-11-19",
  "title": "Oracle WebLogic Server\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

FKIE_CVE-2015-4852

Vulnerability from fkie_nvd - Published: 2015-11-18 15:59 - Updated: 2026-06-17 00:28

CISA KEVIntel

Severity

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secalert_us@oracle.com	http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/	Exploit
secalert_us@oracle.com	http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.openwall.com/lists/oss-security/2015/11/17/19	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html	Patch
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html	Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/77539	Broken Link
secalert_us@oracle.com	http://www.securitytracker.com/id/1038292	Broken Link
secalert_us@oracle.com	https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852	Broken Link
secalert_us@oracle.com	https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py	Product
secalert_us@oracle.com	https://www.exploit-db.com/exploits/42806/	Exploit, Third Party Advisory, VDB Entry
secalert_us@oracle.com	https://www.exploit-db.com/exploits/46628/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2015/11/17/19	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/77539	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038292	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py	Product
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/42806/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/46628/	Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852	US Government Resource

Impacted products

Vendor	Product	Version
oracle	virtual_desktop_infrastructure	*
oracle	storagetek_tape_analytics_sw_tool	2.3
oracle	weblogic_server	10.3.6.0.0
oracle	weblogic_server	12.1.2.0.0
oracle	weblogic_server	12.1.3.0.0
oracle	weblogic_server	12.2.1.0.0

JSON

To clipboard

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "secalert_us@oracle.com"
    }
  ],
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45481099-946B-4481-8188-0B835672CDDD",
              "versionEndIncluding": "3.5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55B3AA9-69BE-4136-8C3A-FD0DDCD3FA4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F8FA254-89F1-4E9D-92A0-1AC3BC62CA7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F57085F-A922-421B-BD10-ECC4F3CB34C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product."
    },
    {
      "lang": "es",
      "value": "El componente WLS Security en Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0 y 12.2.1.0 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un objeto Java serializado manipulado en el tr\u00e1fico del protocolo T3 al puerto 7001 TCP, relacionado con oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTA: el alcance de esta CVE se limita al producto WebLogic Server."
    }
  ],
  "id": "CVE-2015-4852",
  "lastModified": "2026-06-17T00:28:02.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ],
    "ssvcV203": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "ssvcData": {
          "id": "CVE-2015-4852",
          "options": [
            {
              "exploitation": "active"
            },
            {
              "automatable": "yes"
            },
            {
              "technicalImpact": "total"
            }
          ],
          "role": "CISA Coordinator",
          "timestamp": "2025-02-04T18:47:31.977399Z",
          "version": "2.0.3"
        }
      }
    ]
  },
  "published": "2015-11-18T15:59:00.133",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/77539"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1038292"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42806/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46628/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/77539"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securitytracker.com/id/1038292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/42806/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46628/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-7R6V-MXC2-PG49

Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2025-10-22 00:31

Details

Severity

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-4852"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502",
      "CWE-77"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-11-18T15:59:00Z",
    "severity": "HIGH"
  },
  "details": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",
  "id": "GHSA-7r6v-mxc2-pg49",
  "modified": "2025-10-22T00:31:11Z",
  "published": "2022-05-14T01:14:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4852"
    },
    {
      "type": "WEB",
      "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
    },
    {
      "type": "WEB",
      "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-4852"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/42806"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46628"
    },
    {
      "type": "WEB",
      "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/77539"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038292"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2015-4852

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-4852

Aliases

CVE-2015-4852

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-4852",
    "description": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",
    "id": "GSD-2015-4852",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-4852.html",
      "https://packetstormsecurity.com/files/cve/CVE-2015-4852"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-4852"
      ],
      "details": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",
      "id": "GSD-2015-4852",
      "modified": "2023-12-13T01:19:59.596985Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2015-4852",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "Oracle WebLogic Server",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar.",
      "vendorProject": "Oracle",
      "vulnerabilityName": "Oracle WebLogic Server Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2015-4852",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "name": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py",
            "refsource": "MISC",
            "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852",
            "refsource": "CONFIRM",
            "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
          },
          {
            "name": "1038292",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038292"
          },
          {
            "name": "77539",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/77539"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
          },
          {
            "name": "[oss-security] 20151117 Re: Assign CVE for common-collections remote code execution on deserialisation flaw",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
          },
          {
            "name": "42806",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/42806/"
          },
          {
            "name": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",
            "refsource": "MISC",
            "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
          },
          {
            "name": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
          },
          {
            "name": "46628",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/46628/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "cisaActionDue": "2022-05-03",
        "cisaExploitAdd": "2021-11-03",
        "cisaRequiredAction": "Apply updates per vendor instructions.",
        "cisaVulnerabilityName": "Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability",
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "45481099-946B-4481-8188-0B835672CDDD",
                    "versionEndIncluding": "3.5.2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E55B3AA9-69BE-4136-8C3A-FD0DDCD3FA4B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "3F8FA254-89F1-4E9D-92A0-1AC3BC62CA7B",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9F57085F-A922-421B-BD10-ECC4F3CB34C2",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product."
          },
          {
            "lang": "es",
            "value": "El componente WLS Security en Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0 y 12.2.1.0 permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un objeto Java serializado manipulado en el tr\u00e1fico del protocolo T3 al puerto 7001 TCP, relacionado con oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTA: el alcance de esta CVE se limita al producto WebLogic Server."
          }
        ],
        "id": "CVE-2015-4852",
        "lastModified": "2023-12-21T01:31:11.820",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 6.4,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2015-11-18T15:59:00.133",
        "references": [
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Exploit"
            ],
            "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Mailing List",
              "Third Party Advisory"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2015/11/17/19"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.securityfocus.com/bid/77539"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.securitytracker.com/id/1038292"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Product"
            ],
            "url": "https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://www.exploit-db.com/exploits/42806/"
          },
          {
            "source": "secalert_us@oracle.com",
            "tags": [
              "Exploit",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://www.exploit-db.com/exploits/46628/"
          }
        ],
        "sourceIdentifier": "secalert_us@oracle.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-502"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

OPENSUSE-SU-2024:10617-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

apache-commons-beanutils-1.9.4-3.7 on GA media

Severity

Moderate

Notes

Title of the patch: apache-commons-beanutils-1.9.4-3.7 on GA media

Description of the patch: These are all security issues fixed in the apache-commons-beanutils-1.9.4-3.7 package on the GA media of openSUSE Tumbleweed.

Patchnames: openSUSE-Tumbleweed-2024-10617

CVE-2014-0114

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-4852

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2019-10086

7.3 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x	—	Vendor Fix
Unresolved product id: openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64	—	Vendor Fix

Threats

Impact important

References

14 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/o…	self
https://www.suse.com/security/cve/CVE-2014-0114/	self
https://www.suse.com/security/cve/CVE-2015-4852/	self
https://www.suse.com/security/cve/CVE-2019-10086/	self
https://www.suse.com/security/cve/CVE-2014-0114	external
https://bugzilla.suse.com/778464	external
https://bugzilla.suse.com/875455	external
https://bugzilla.suse.com/885963	external
https://www.suse.com/security/cve/CVE-2015-4852	external
https://bugzilla.suse.com/954102	external
https://bugzilla.suse.com/955853	external
https://www.suse.com/security/cve/CVE-2019-10086	external
https://bugzilla.suse.com/1146657	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "apache-commons-beanutils-1.9.4-3.7 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the apache-commons-beanutils-1.9.4-3.7 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10617",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10617-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-0114 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-0114/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-4852 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-4852/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2019-10086 page",
        "url": "https://www.suse.com/security/cve/CVE-2019-10086/"
      }
    ],
    "title": "apache-commons-beanutils-1.9.4-3.7 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10617-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-1.9.4-3.7.aarch64",
                "product": {
                  "name": "apache-commons-beanutils-1.9.4-3.7.aarch64",
                  "product_id": "apache-commons-beanutils-1.9.4-3.7.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
                "product": {
                  "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
                  "product_id": "apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-1.9.4-3.7.ppc64le",
                "product": {
                  "name": "apache-commons-beanutils-1.9.4-3.7.ppc64le",
                  "product_id": "apache-commons-beanutils-1.9.4-3.7.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
                "product": {
                  "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
                  "product_id": "apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-1.9.4-3.7.s390x",
                "product": {
                  "name": "apache-commons-beanutils-1.9.4-3.7.s390x",
                  "product_id": "apache-commons-beanutils-1.9.4-3.7.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
                "product": {
                  "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
                  "product_id": "apache-commons-beanutils-javadoc-1.9.4-3.7.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-1.9.4-3.7.x86_64",
                "product": {
                  "name": "apache-commons-beanutils-1.9.4-3.7.x86_64",
                  "product_id": "apache-commons-beanutils-1.9.4-3.7.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64",
                "product": {
                  "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64",
                  "product_id": "apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-1.9.4-3.7.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64"
        },
        "product_reference": "apache-commons-beanutils-1.9.4-3.7.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-1.9.4-3.7.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le"
        },
        "product_reference": "apache-commons-beanutils-1.9.4-3.7.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-1.9.4-3.7.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x"
        },
        "product_reference": "apache-commons-beanutils-1.9.4-3.7.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-1.9.4-3.7.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64"
        },
        "product_reference": "apache-commons-beanutils-1.9.4-3.7.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64"
        },
        "product_reference": "apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le"
        },
        "product_reference": "apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x"
        },
        "product_reference": "apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
        },
        "product_reference": "apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-0114",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-0114"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-0114",
          "url": "https://www.suse.com/security/cve/CVE-2014-0114"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 778464 for CVE-2014-0114",
          "url": "https://bugzilla.suse.com/778464"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 875455 for CVE-2014-0114",
          "url": "https://bugzilla.suse.com/875455"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 885963 for CVE-2014-0114",
          "url": "https://bugzilla.suse.com/885963"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-0114"
    },
    {
      "cve": "CVE-2015-4852",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-4852"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-4852",
          "url": "https://www.suse.com/security/cve/CVE-2015-4852"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 954102 for CVE-2015-4852",
          "url": "https://bugzilla.suse.com/954102"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 955853 for CVE-2015-4852",
          "url": "https://bugzilla.suse.com/955853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-4852"
    },
    {
      "cve": "CVE-2019-10086",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2019-10086"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
          "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2019-10086",
          "url": "https://www.suse.com/security/cve/CVE-2019-10086"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1146657 for CVE-2019-10086",
          "url": "https://bugzilla.suse.com/1146657"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-1.9.4-3.7.x86_64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.aarch64",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.ppc64le",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.s390x",
            "openSUSE Tumbleweed:apache-commons-beanutils-javadoc-1.9.4-3.7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2019-10086"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-4852 (GCVE-0-2015-4852)

CISA

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

KEVIntel

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Public Report Successful Exploitation Confidence: 70% Source: kevintel

Details

References

Contournement provisoire

Solution

Contournement provisoire

Solution

Tags

Sightings

Nomenclature