CyberSec.Space Logo
Back to CVE Browser

CVE-2018-12532

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1410%
EPSS Percentile0.98th
PublishedJun 18, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.

Affected Platforms (CPE)

πŸ“¦
Redhat

Richfaces

>= 4.5.3 and <= 4.5.17

References & Advisories

πŸ”— http://seclists.org/fulldisclosure/2020/Mar/21
πŸ”— http://www.securityfocus.com/bid/104503
πŸ”— https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html
πŸ”— http://seclists.org/fulldisclosure/2020/Mar/21
πŸ”— http://www.securityfocus.com/bid/104503
πŸ”— https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html

Related Vulnerabilities

CVE-2018-125339.8

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and exe...

CVE-2018-146679.8

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A rem...

CVE-2013-45219.8

RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deseri...

CVE-2013-21657.5

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat ...