HTTP: Jackson Databind Deserialization Remote Code Execution
This signature detects attempts to exploit a known vulnerability against FasterXML Jackson. A successful attack can lead to arbitrary code execution.
Extended Description
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
Affected Products
Fasterxml jackson-databind
References
CVE: CVE-2017-7525
Short Name
HTTP:MISC:JACKSON-DATABIND-RCE
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2017-15095 CVE-2017-7525 Code Databind Deserialization Execution Jackson Remote
Release Date
04/23/2020
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3606
False Positive
Unknown
Vendors
Oracle
Netapp
Debian
Redhat
Fasterxml
CVSS Score
7.5