CVE-2018-1295

{"id": "CVE-2018-1295", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-04-02T17:29:00.277", "references": [{"url": "http://www.securityfocus.com/bid/103692", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@apache.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2405", "tags": ["Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209%40%3Cdev.ignite.apache.org%3E", "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."}, {"lang": "es", "value": "En Apache Ignite 2.3 o anterior, el mecanismo de serializaci\u00f3n no tiene una lista de clases permitidas para serializar/deserializar, lo que hace posible que se ejecute c\u00f3digo arbitrario cuando clases vulnerables de terceros est\u00e1n presentes en la ruta de clases de Ignite. La vulnerabilidad se puede explotar si uno env\u00eda un forma especial de objeto serializado a uno de los extremos de deserializaci\u00f3n de determinados componentes de Ignite - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."}], "lastModified": "2023-11-07T02:55:55.760", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0B26840-2773-4E40-B366-E8C98ECEE889", "versionEndIncluding": "2.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}