CVE-2019-16942

FasterXML/jackson-databind

on github

Published

October 1, 2019

Severity

CVSS v3:

9.8 CRITICAL

CVSS v2:

7.5 HIGH

Description

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.

References

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:fasterxml:jackson-databind::::::::	2.8.0 (including)	2.8.11.5	*
cpe:2.3:a:fasterxml:jackson-databind::::::::	2.6.0 (including)	2.6.7.3	*
cpe:2.3:a:fasterxml:jackson-databind::::::::	2.9.0 (including)	2.9.10.1	*
cpe:2.3:o:debian:debian_linux:8.0:::::::*	n/a	n/a	8.0
cpe:2.3:o:debian:debian_linux:9.0:::::::*	n/a	n/a	9.0
cpe:2.3:o:debian:debian_linux:10.0:::::::*	n/a	n/a	10.0
cpe:2.3:o:fedoraproject:fedora:30:::::::*	n/a	n/a	30
cpe:2.3:o:fedoraproject:fedora:31:::::::*	n/a	n/a	31
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*	n/a	n/a	-
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*	n/a	n/a	-
cpe:2.3:a:netapp:service_level_manager:-:::::::*	n/a	n/a	-
cpe:2.3:a:netapp:oncommand_api_services:-:::::::*	n/a	n/a	-
cpe:2.3:a:netapp:active_iq_unified_manager::::::windows::*	7.3 (including)	n/a	*
cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*	9.5 (including)	n/a	*
cpe:2.3:a:netapp:active_iq_unified_manager::::::linux::*	7.3 (including)	n/a	*
cpe:2.3:a:oracle:primavera_unifier:16.2:::::::*	n/a	n/a	16.2
cpe:2.3:a:oracle:banking_platform:2.4.0:::::::*	n/a	n/a	2.4.0
cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*	n/a	n/a	9.2
cpe:2.3:a:oracle:banking_platform:2.4.1:::::::*	n/a	n/a	2.4.1
cpe:2.3:a:oracle:banking_platform:2.5.0:::::::*	n/a	n/a	2.5.0
cpe:2.3:a:oracle:primavera_unifier:16.1:::::::*	n/a	n/a	16.1
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*	n/a	n/a	12.2.1.3.0
cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*	n/a	n/a	12.2.1.3.0
cpe:2.3:a:oracle:database_server:12.2.0.1:::::::*	n/a	n/a	12.2.0.1
cpe:2.3:a:oracle:banking_platform:2.6.0:::::::*	n/a	n/a	2.6.0
cpe:2.3:a:oracle:banking_platform:2.6.1:::::::*	n/a	n/a	2.6.1
cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*	n/a	n/a	2.6.2
cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:::::::*	n/a	n/a	7.5.0.23.0
cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:::::::*	n/a	n/a	12.0.0.3.0
cpe:2.3:a:oracle:database_server:18c:::::::*	n/a	n/a	18c
cpe:2.3:a:oracle:database_server:19c:::::::*	n/a	n/a	19c
cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:9.2:::::::*	n/a	n/a	9.2
cpe:2.3:a:oracle:primavera_unifier::::::::	17.7 (including)	17.12 (including)	*
cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*	n/a	n/a	18.8
cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*	n/a	n/a	19.12
cpe:2.3:a:oracle:retail_merchandising_system:15.0.3:::::::*	n/a	n/a	15.0.3
cpe:2.3:a:oracle:retail_sales_audit:14.1:::::::*	n/a	n/a	14.1
cpe:2.3:a:oracle:siebel_engineering_-_installer_\&_deployment::::::::	n/a	2.20.5 (including)	*
cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*	n/a	n/a	12.2.1.4.0
cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*	n/a	n/a	12.2.1.3.0
cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:::::::*	n/a	n/a	12.2.1.4.0
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*	n/a	n/a	12.2.1.4.0
cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*	n/a	n/a	2.7.0
cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*	n/a	n/a	2.7.1
cpe:2.3:a:oracle:banking_platform:2.9.0:::::::*	n/a	n/a	2.9.0
cpe:2.3:a:oracle:communications_calendar_server:8.0.0.2.0:::::::*	n/a	n/a	8.0.0.2.0
cpe:2.3:a:oracle:communications_calendar_server:8.0.0.3.0:::::::*	n/a	n/a	8.0.0.3.0
cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:::::::*	n/a	n/a	7.1
cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.3.0:::::::*	n/a	n/a	12.2.1.3.0
cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:12.2.1.4.0:::::::*	n/a	n/a	12.2.1.4.0
cpe:2.3:a:oracle:global_lifecycle_management_nextgen_oui_framework:13.9.4.2.2:::::::*	n/a	n/a	13.9.4.2.2
cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::*	n/a	n/a	19.1.0.0.0
cpe:2.3:a:oracle:primavera_gateway::::::::	17.12.0 (including)	17.12.6 (including)	*
cpe:2.3:a:oracle:primavera_gateway::::::::	18.8.0 (including)	18.8.8 (including)	*
cpe:2.3:a:oracle:primavera_gateway:19.12.0:::::::*	n/a	n/a	19.12.0
cpe:2.3:a:oracle:retail_merchandising_system:16.0.2:::::::*	n/a	n/a	16.0.2
cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*	n/a	n/a	16.0.3
cpe:2.3:a:oracle:siebel_ui_framework::::::::	n/a	20.5 (including)	*
cpe:2.3:a:oracle:siebel_ui_framework:20.6:::::::*	n/a	n/a	20.6
cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:::::::*	n/a	n/a	1.2.1
cpe:2.3:a:fasterxml:jackson-databind::::::::	2.0.0 (including)	2.6.7.3	*

External Links

NVD - CVE-2019-16942