Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Apache Flex BlazeDS unsafe deserialization

🗓️ 13 May 2022 01:02:10Reported by GitHub Advisory DatabaseType 
github
 github🔗 github.com👁 34 Views

Apache Flex BlazeDS unsafe deserialization in versions 4.7.2 and earlier. Allows remote code execution

Related
Detection
Refs
ReporterTitlePublishedViews
Family
0day.today		Cisco ISE 2.4.0 XSS / Remote Code Execution Exploit
6 Feb 201900:00
zdt
Information Security Automation		Vulnerability subscriptions in terms of business
26 Apr 201718:25
avleonov
Circl		CVE-2017-5641
6 Feb 201900:27
circl
CNVD		VMware vCenter Server BlazeDS Component Remote Code Execution Vulnerability
4 Apr 201700:00
cnvd
Check Point Advisories		Apache Flex AMF BlazeDS Java Object Deserialization Remote Code Execution (CVE-2017-5641)
17 Mar 201900:00
checkpoint_advisories
CVE		CVE-2017-5641
28 Dec 201715:00
cve
Cvelist		CVE-2017-5641
28 Dec 201715:00
cvelist
Hacker One		U.S. Dept Of Defense: [HTAF4-213] [Pre-submission] Unsafe AMF deserialization (CVE-2017-5641) in Apache Flex BlazeDS at the https://www.███████/daip/messagebroker/amf
4 Nov 201904:12
hackerone
Imperva Blog		Deserialization Attacks Surge Motivated by Illegal Crypto-mining
24 Jan 201817:45
impervablog
myhack58		Java AMF3 exposure remote code execution vulnerability-vulnerability warning-the black bar safety net
7 Apr 201700:00
myhack58
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Oct 2023 21:11Current
7.7High risk
Vulners AI Score7.7
CVSS 27.5
CVSS 3.19.8
EPSS0.48477
CWE-502
apache flex blazedsunsafe deserializationremote code executionjava standard librarythird party libraries
34