CVE-2018-14667
CRITICAL9.8⚠ KEVEPSS 89.5%Richfaces vulnerable to arbitrary code execution
發布日:2022/5/13修改日:2025/10/22加入 CISA KEV 日:2023/9/28
描述
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via `org.ajax4jsf.resource.UserResource$UriData`.
受影響套件(1)
- Maven/org.richfaces:richfaces-corefrom 0, < 3.3.4
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
參考連結(10)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-14667
- WEBhttp://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html
- WEBhttps://access.redhat.com/errata/RHSA-2018:3517
- WEBhttps://access.redhat.com/errata/RHSA-2018:3518
- WEBhttps://access.redhat.com/errata/RHSA-2018:3519
- WEBhttps://access.redhat.com/errata/RHSA-2018:3581
- WEBhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667
- WEBhttp://seclists.org/fulldisclosure/2020/Mar/21
- WEBhttps://github.com/richfaces/richfaces/commit/1372eb716c1a215a5af124198f21bde33fafad06
- WEBhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14667