← Back

CVE-2016-7050

nvd nist
Published: Jun 8, 2017Modified: May 13, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to execute arbitrary code.

Affected (4)

Redhat
4 products
Enterprise Linux Desktop
Enterprise Linux Hpc Node
Enterprise Linux Server
Enterprise Linux Workstation
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Hpc Node
Version 7.0
Enterprise Linux Server
Version 7.0
Enterprise Linux Workstation
Version 7.0

Related CWEs

CWE-502
Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Issue TrackingVDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVDB EntryVendor Advisory

Timeline

No history available yet.