CVE-2015-5348 — Vulnetix

CVE-2015-5348 PUBLISHED

Es existiert eine Schwachstelle in Red Hat JBoss Fuse. Die Schwachstelle besteht in dem Apache Camels Jetty/Servlet und beruht auf einem Deserialisierungsfehler. Ein Angreifer kann dieses durch Übermitteln geeignet gestalteter Daten nutzen und beliebigen Code zur Ausführung bringen.

EPSS 6.83% · 91.5th percentile

Risk Scores

EPSS Score

6.83%

91.5th percentile

Affected Products

Vendor	Product	Versions
Ubuntu	Ubuntu Linux
Red Hat	Red Hat JBoss Fuse 6.3

Exploit Intelligence

http://packetstormsecurity.com/files/134946/Apache-Camel-Java-Object-Deserialization.html (circl)
RHSA-2016:2035 (circl)
http://camel.apache.org/security-advisories.data/CVE-2015-5348.txt.asc (circl)
https://issues.apache.org/jira/browse/CAMEL-9309 (circl)
20151217 CVE-2015-5348 - Apache Camel medium disclosure vulnerability (circl)
80696 (circl)
[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html (circl)
[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html (circl)

Timeline

Apr 15, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 16, 2023 EPSS Score
Sep 7, 2023 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2016/wid-sec-w-2024-3616.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3616 advisory
https://rhn.redhat.com/errata/RHSA-2016-2036.html advisory
https://rhn.redhat.com/errata/RHSA-2016-2035.html advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11023 advisory
https://ubuntu.com/security/notices/USN-7139-1 advisory

Open in Interactive Console →