HTTP: XStream Library Multiple Insecure Deserialization

This signature detects attempts to exploit a known vulnerability in the XStream library. A successful attack can lead to arbitrary code execution.

Extended Description

XStream before version 1.4.14 is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.

Affected Products

Oracle banking_virtual_account_management

References

CVE: CVE-2020-26258

Short Name
HTTP:STC:XSTREAM-LIB-INSEC-DES
Severity
Critical
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2020-26217 CVE-2020-26258 Deserialization Insecure Library Multiple XStream
Release Date
01/06/2021
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3693
False Positive
Rarely
Vendors

Apache

Oracle

Netapp

Xstream_project

Debian

CVSS Score

9.3

5.0
