CVEブラウザに戻る

CVE-2018-12533

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0410%

EPSS Percentile1.30th

Published2018年6月18日

Last Modified2024年11月21日

Vulnerability Description

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.

Affected Platforms (CPE)

📦

Redhat

Richfaces

>= 3.1.0 and <= 3.3.4

References & Advisories

🔗 http://seclists.org/fulldisclosure/2020/Mar/21

🔗 http://www.securityfocus.com/bid/104502

🔗 http://www.securitytracker.com/id/1041617

🔗 https://access.redhat.com/errata/RHSA-2018:2663

🔗 https://access.redhat.com/errata/RHSA-2018:2664

🔗 https://access.redhat.com/errata/RHSA-2018:2930

🔗 https://codewhitesec.blogspot.com/2018/05/poor-richfaces.html

🔗 http://seclists.org/fulldisclosure/2020/Mar/21

関連する脆弱性情報

CVE-2018-125329.8

JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) varia...

CVE-2018-146679.8

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A rem...

CVE-2013-45219.8

RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deseri...

CVE-2013-21657.5

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat ...