CVE-2019-16943

Published: Oct 1, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling.

Affected (57)

Products: Fasterxml: Jackson Databind · Debian: Debian Linux · Fedoraproject: Fedora · +3 more

Show all products

Fasterxml: Jackson Databind · Debian: Debian Linux · Fedoraproject: Fedora · Redhat: Jboss Enterprise Application Platform · Oracle: Banking Platform, Communications Billing And Revenue Management, Communications Calendar Server, Communications Cloud Native Core Network Slice Selection Function, Communications Evolved Communications Application Server, Global Lifecycle Management Nextgen Oui Framework, Goldengate Application Adapters, Jd Edwards Enterpriseone Orchestrator, Jd Edwards Enterpriseone Tools, Primavera Gateway, Retail Merchandising System, Retail Sales Audit, Siebel Engineering Installer & Deployment, Trace File Analyzer, Webcenter Portal, Webcenter Sites, Weblogic Server · Netapp: Active Iq Unified Manager, Oncommand Api Services, Oncommand Workflow Automation, Service Level Manager, Steelstore Cloud Integrated Storage

1 product

1 product

1 product

1 product

Jboss Enterprise Application Platform

Oracle

17 products

Banking Platform

Communications Billing And Revenue Management

Communications Calendar Server

Communications Cloud Native Core Network Slice Selection Function

Communications Evolved Communications Application Server

Global Lifecycle Management Nextgen Oui Framework

Goldengate Application Adapters

Jd Edwards Enterpriseone Orchestrator

Jd Edwards Enterpriseone Tools

Primavera Gateway

Retail Merchandising System

Retail Sales Audit

Siebel Engineering Installer & Deployment

5 products

Active Iq Unified Manager

Oncommand Api Services

Oncommand Workflow Automation

Service Level Manager

Steelstore Cloud Integrated Storage

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Fasterxml Jackson Databind	From 2.0.0 to 2.6.7.3
Fasterxml Jackson Databind	From 2.7.0 to 2.8.11.5
Fasterxml Jackson Databind	From 2.9.0 to 2.9.10.1

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 30
Fedoraproject Fedora	Version 31

Configuration D

2 platform

Running on/with	Platform Versions
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0

Configuration E

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Redhat Jboss Enterprise Application Platform	Version 7.2
Redhat Jboss Enterprise Application Platform	Version 7.3

Running on/with	Platform Versions
Redhat Enterprise Linux Server	Version 8.0

Configuration F

40 vulnerable

Vulnerable Software	Affected Versions
Oracle Banking Platform	Version 2.4.0
Oracle Banking Platform	Version 2.4.1
Oracle Banking Platform	Version 2.5.0
Oracle Banking Platform	Version 2.6.0
Oracle Banking Platform	Version 2.6.1
Oracle Banking Platform	Version 2.6.2
Oracle Banking Platform	Version 2.7.0
Oracle Banking Platform	Version 2.7.1
Oracle Banking Platform	Version 2.9.0
Oracle Communications Billing And Revenue Management	Version 12.0.0.3.0
Oracle Communications Billing And Revenue Management	Version 7.5.0.23.0
Oracle Communications Calendar Server	Version 8.0.0.2.0
Oracle Communications Calendar Server	Version 8.0.0.3.0
Oracle Communications Cloud Native Core Network Slice Selection Function	Version 1.2.1
Oracle Communications Evolved Communications Application Server	Version 7.1
Oracle Global Lifecycle Management Nextgen Oui Framework	Version 12.2.1.3.0
Oracle Global Lifecycle Management Nextgen Oui Framework	Version 12.2.1.4.0
Oracle Global Lifecycle Management Nextgen Oui Framework	Version 13.9.4.2.2
Oracle Goldengate Application Adapters	Version 19.1.0.0.0
Oracle Jd Edwards Enterpriseone Orchestrator	Version 9.2
Oracle Jd Edwards Enterpriseone Tools	Version 9.2
Oracle Primavera Gateway	From 17.7 to 17.12.6
Oracle Primavera Gateway	From 18.8.0 to 18.8.8
Oracle Primavera Gateway	Version 16.1
Oracle Primavera Gateway	Version 16.2
Oracle Primavera Gateway	Version 19.12.0
Oracle Retail Merchandising System	Version 15.0.3
Oracle Retail Merchandising System	Version 16.0.2
Oracle Retail Merchandising System	Version 16.0.3
Oracle Retail Sales Audit	Version 14.1
Oracle Siebel Engineering Installer & Deployment	Up to 2.20.5
Oracle Trace File Analyzer	Version 12.2.0.1
Oracle Trace File Analyzer	Version 18c
Oracle Trace File Analyzer	Version 19c
Oracle Webcenter Portal	Version 12.2.1.3.0
Oracle Webcenter Portal	Version 12.2.1.4.0
Oracle Webcenter Sites	Version 12.2.1.3.0
Oracle Webcenter Sites	Version 12.2.1.4.0
Oracle Weblogic Server	Version 12.2.1.3.0
Oracle Weblogic Server	Version 12.2.1.4.0

Configuration G

7 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	From 7.3
Netapp Active Iq Unified Manager	From 9.5
Netapp Active Iq Unified Manager	From 7.3
Netapp Oncommand Api Services	All versions
Netapp Oncommand Workflow Automation	All versions
Netapp Service Level Manager	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

Related CWEs

CWE-502

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (52)

https://access.redhat.com/errata/RHSA-2020:0159

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0160

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0161

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0164

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2020:0445

Source: cve@mitre.org

Third Party Advisory

https://github.com/FasterXML/jackson-databind/issues/2478

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/5ec8d8d485c2c8ac55ea425f4cd96596ef37312532712639712ebcdd%40%3Ccommits.iceberg.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/6788e4c991f75b89d290ad06b463fcd30bcae99fee610345a35b7bc6%40%3Cissues.iceberg.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/r392099ed2757ff2e383b10440594e914d080511d7da1c8fed0612c1f%40%3Ccommits.druid.apache.org%3E

Source: cve@mitre.org

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

Source: cve@mitre.org

https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q7CANA7KV53JROZDX5Z5P26UG5VN2K43/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TH5VFUN4P7CCIP7KSEXYA5MUTFCUDUJT/

Source: cve@mitre.org

https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062

Source: cve@mitre.org

https://seclists.org/bugtraq/2019/Oct/6

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://security.netapp.com/advisory/ntap-20191017-0006/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4542

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://www.oracle.com//security-alerts/cpujul2021.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpujan2020.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpujul2020.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: cve@mitre.org

PatchThird Party Advisory

https://access.redhat.com/errata/RHSA-2020:0159