Vulnerability CVE-2017-17485

Vulnerability CVE-2017-17485

Published: 2018-01-10

Description:

Type:

(Deserialization of Untrusted Data)

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Redhat -> Jboss bpm suite
Redhat -> Jboss brms
Redhat -> Jboss enterprise application platform
Redhat -> Jboss operations network
Fasterxml -> Jackson-databind
Fasterxml -> Jackson
Debian -> Debian linux

http://www.securityfocus.com/archive/1/541652/100/0/threaded

https://access.redhat.com/errata/RHSA-2018:0116

https://access.redhat.com/errata/RHSA-2018:0342

https://access.redhat.com/errata/RHSA-2018:0478

https://access.redhat.com/errata/RHSA-2018:0479

https://access.redhat.com/errata/RHSA-2018:0480

https://access.redhat.com/errata/RHSA-2018:0481

https://access.redhat.com/errata/RHSA-2018:1447

https://access.redhat.com/errata/RHSA-2018:1448

https://access.redhat.com/errata/RHSA-2018:1449

https://access.redhat.com/errata/RHSA-2018:1450

https://access.redhat.com/errata/RHSA-2018:1451

https://access.redhat.com/errata/RHSA-2018:2930

https://access.redhat.com/errata/RHSA-2019:1782

https://access.redhat.com/errata/RHSA-2019:1797

https://access.redhat.com/errata/RHSA-2019:2858

https://github.com/FasterXML/jackson-databind/issues/1855

https://github.com/irsl/jackson-rce-via-spel/

https://security.netapp.com/advisory/ntap-20180201-0003/

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us

https://www.debian.org/security/2018/dsa-4114