Vulnerability CVE-2015-5254


Published: 2016-01-08   Modified: 2017-02-07

Description:
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be deserialized from a Java Message Service (JMS) ObjectMessage. The body of an ObjectMessage is a standard Java serialization stream, and whichever JVM calls getObject() on it (a JMS consumer application, or the broker itself when a component such as the web console renders the message body) deserializes attacker-controlled bytes with every class on its classpath available as a gadget. This allows remote attackers who can send a message to the broker to execute arbitrary code via a crafted serialized ObjectMessage. ActiveMQ 5.13.0 fixes this by only deserializing classes from a configurable list of trusted packages (set JVM-wide with the org.apache.activemq.SERIALIZABLE_PACKAGES system property, or per connection factory with setTrustedPackages); a fixed client rejects any other class at getObject() time.
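The following demonstration is added here and is not part of the advisory or of the ActiveMQ code base. It shows where the deserialization happens (the consumer's getObject() call) and how the 5.13.0 trusted-package restriction behaves: the same round trip is run once with a default connection factory, which refuses a payload class outside the built-in trusted packages, and once with the payload's package explicitly trusted. It assumes activemq-client and activemq-broker 5.13.0 or later on the classpath and uses the in-JVM vm:// transport so no external broker is needed; the package name com.example.demo, the Ticket class and the queue name are hypothetical.

```java
package com.example.demo;

import java.io.Serializable;
import java.util.Arrays;
import javax.jms.Connection;
import javax.jms.JMSException;
import javax.jms.MessageConsumer;
import javax.jms.MessageProducer;
import javax.jms.ObjectMessage;
import javax.jms.Queue;
import javax.jms.Session;
import org.apache.activemq.ActiveMQConnectionFactory;

/**
 * Added demonstration for CVE-2015-5254; not ActiveMQ project code.
 * Assumes activemq-client/activemq-broker 5.13.0+ on the classpath.
 */
public class ObjectMessageTrustDemo {

    /** Hypothetical payload type. Its package is not in ActiveMQ's default trusted list. */
    public static class Ticket implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String id;
        public Ticket(String id) { this.id = id; }
        @Override public String toString() { return "Ticket(" + id + ")"; }
    }

    // Embedded, non-persistent broker started on first use of the vm:// transport.
    private static final String BROKER_URL = "vm://localhost?broker.persistent=false";
    private static final String QUEUE_NAME = "demo.tickets";

    /**
     * Sends one ObjectMessage and tries to deserialize it on a consumer created
     * from the same factory. Returns a description of the outcome.
     */
    public static String roundTrip(ActiveMQConnectionFactory factory) throws JMSException {
        Connection connection = factory.createConnection();
        try {
            connection.start();
            Session session = connection.createSession(false, Session.AUTO_ACKNOWLEDGE);
            Queue queue = session.createQueue(QUEUE_NAME);

            MessageProducer producer = session.createProducer(queue);
            // createObjectMessage() serializes the payload into the message body;
            // nothing is deserialized on the sending side.
            producer.send(session.createObjectMessage(new Ticket("T-1")));

            MessageConsumer consumer = session.createConsumer(queue);
            ObjectMessage received = (ObjectMessage) consumer.receive(5000);
            if (received == null) {
                return "no message received";
            }
            try {
                // getObject() is where the body is deserialized, and therefore
                // where CVE-2015-5254 is triggered on an unpatched client.
                return "deserialized " + received.getObject();
            } catch (JMSException rejected) {
                // On 5.13.0+ a class outside the trusted packages is refused here.
                return "rejected: " + rejected.getMessage();
            }
        } finally {
            connection.close();
        }
    }

    public static void main(String[] args) throws JMSException {
        // Default factory: only ActiveMQ's built-in trusted packages are allowed,
        // so a fixed client refuses the Ticket payload.
        ActiveMQConnectionFactory defaults = new ActiveMQConnectionFactory(BROKER_URL);
        System.out.println("default trust list -> " + roundTrip(defaults));

        // Hardened configuration: trust exactly the packages your payloads live in.
        // Do not use setTrustAllPackages(true) for messages from untrusted producers;
        // it restores the pre-5.13.0 behaviour.
        ActiveMQConnectionFactory trusted = new ActiveMQConnectionFactory(BROKER_URL);
        trusted.setTrustedPackages(Arrays.asList(Ticket.class.getPackage().getName()));
        System.out.println("trusted package    -> " + roundTrip(trusted));
    }
}
```

Run against a 5.13.0 or later client, the first line reports a rejection and the second a successful deserialization; against a client older than 5.13.0 both round trips deserialize the payload, which is exactly the behaviour the advisory describes. The trust list can also be set for the whole JVM with -Dorg.apache.activemq.SERIALIZABLE_PACKAGES=com.example.demo, which is the practical option for brokers and consumers whose connection factories are created by a container. Keep the trusted list to the packages of your own message types: trusting a broad prefix such as java or org reopens the gadget classes the restriction exists to block.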

Vendor: Apache
Product: ActiveMQ
Version: 5.0.0; 5.1.0; 5.2.0; 5.3.0; 5.3.1; 5.3.2; 5.4.0; 5.4.1; 5.4.3; 5.5.0; 5.5.1; 5.6.0; 5.7.0; 5.8.0; 5.9.0; 5.9.1; 5.10.0; 5.10.1; 5.10.2; 5.11.0; 5.11.1; 5.11.2; 5.12.0; 5.12.1;
Vendor: Fedoraproject
Product: Fedora 
Version: 23; 22;
Vendor: Redhat
Product: Openshift 
Version: 2.0;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10

Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

References:
Apache ActiveMQ advisory: http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt
Fedora package announcement: http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174371.html
Fedora package announcement: http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174537.html
Red Hat RHSA-2016:0489: http://rhn.redhat.com/errata/RHSA-2016-0489.html
Debian DSA-3524: http://www.debian.org/security/2016/dsa-3524
oss-security disclosure thread: http://www.openwall.com/lists/oss-security/2015/12/08/6
HPE security bulletin: https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
Apache JIRA AMQ-6013: https://issues.apache.org/jira/browse/AMQ-6013


Copyright 2017, cxsecurity.com