TROYANOSYVIRUS
Voltar para CVEs

CVE-2023-41331

CRITICAL
9.8

Descricao

SOFARPC is a Java RPC framework. Versions prior to 5.11.0 are vulnerable to remote command execution. Through a carefully crafted payload, an attacker can achieve JNDI injection or system command execution. In the default configuration of the SOFARPC framework, a blacklist is used to filter out dangerous classes encountered during the deserialization process. However, the blacklist is not comprehensive, and an actor can exploit certain native JDK classes and common third-party packages to construct gadget chains capable of achieving JNDI injection or system command execution attacks. Version 5.11.0 contains a fix for this issue. As a workaround, users can add `-Drpc_serialize_blacklist_override=javax.sound.sampled.AudioFileFormat` to the blacklist.

Detalhes CVE

Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado9/12/2023
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

sofastack:sofarpc

Fraquezas (CWE)

CWE-917

Referencias

https://github.com/sofastack/sofa-rpc/releases/tag/v5.11.0(security-advisories@github.com)
https://github.com/sofastack/sofa-rpc/security/advisories/GHSA-chv2-7hxj-2j86(security-advisories@github.com)
https://github.com/sofastack/sofa-rpc/releases/tag/v5.11.0(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/sofastack/sofa-rpc/security/advisories/GHSA-chv2-7hxj-2j86(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.