APP: Red Hat JBoss Data Grid Hotrod Client Insecure Deserialization
This signature detects attempts to exploit a known vulnerability in the Hotrod client that ships with Red Hat JBoss Data Grid. Successful exploitation can result in arbitrary code execution in the security context of the vulnerable client.
Extended Description
It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker could inject a malicious object into the data cache and attain deserialization on the client, and possibly conduct further attacks.
Affected Products
Infinispan infinispan
References
CVE: CVE-2017-15089
Short Name
APP:REDHAT-JBOSS-DG-HOTROD-ID
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
CVE-2017-15089 Client Data Deserialization Grid Hat Hotrod Insecure JBoss Red
Release Date
03/13/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
Port
TCP/11222
False Positive
Unknown
Vendors
Infinispan
CVSS Score
6.5