MiracleLinux 8 : pki-core:10.6 (AXSA:2020-931:01)

🗓️ 20 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 8 pki-core 10.6 is affected by jackson-databind serialization gadget CVEs.

Reporter	Title	Published	Views	Family All 437
IBM Security Bulletins	Security Bulletin: Vulnerabilities in FasterXML Jackson libraries affect IBM Cúram Social Program Management (CVE-2019-17531, CVE-2019-17267, CVE-2019-16942, CVE-2019-16335, CVE-2019-14540)	17 Dec 201909:46	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Asset Management is vulnerable to Multiple Jackson-Databind CVEs - February 2020	1 Mar 202212:38	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring has patched several open source dependencies	18 Dec 202115:42	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities	6 Oct 202112:30	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in jackson-databind affects IBM Process Mining (Multiple CVEs)	1 Feb 202321:46	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cognos Business Intelligence has addressed multiple vulnerabilities (Q12021)	29 Jan 202118:58	–	ibm
IBM Security Bulletins	Security Bulletin: Series of vulnerabilities in FasterXML jackson-databind affect Apache Solr shipped with IBM Operations Analytics - Log Analysis	22 Apr 202105:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in FasterXML jackson-databind	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability has been identified in FasterXML Jackson library shipped with IBM Tivoli Netcool/OMNIbus Common Integration Libraries (CVE-2019-14540)	18 Feb 202004:10	–	ibm

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/12113
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2020-931:01.
##

include('compat.inc');

if (description)
{
  script_id(293917);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/20");

  script_cve_id(
    "CVE-2019-14540",
    "CVE-2019-16335",
    "CVE-2019-16942",
    "CVE-2019-16943",
    "CVE-2019-17531"
  );

  script_name(english:"MiracleLinux 8 : pki-core:10.6  (AXSA:2020-931:01)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2020-931:01 advisory.

    jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig
    (CVE-2019-14540)
        jackson-databind: Serialization gadgets in
    com.zaxxer.hikari.HikariDataSource (CVE-2019-16335)
        jackson-databind: Serialization gadgets in
    org.apache.commons.dbcp.datasources.* (CVE-2019-16942)
        jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource
    (CVE-2019-16943)
        jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*
    (CVE-2019-17531)
    CVE(s):
    CVE-2019-14540
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to
    com.zaxxer.hikari.HikariConfig.
    CVE-2019-16335
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to
    com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
    CVE-2019-16942
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default
    Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and
    the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service
    endpoint to access, it is possible to make the service execute a malicious payload. This issue exists
    because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and
    org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.
    CVE-2019-16943
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default
    Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and
    the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint
    to access, it is possible to make the service execute a malicious payload. This issue exists because of
    com.p6spy.engine.spy.P6DataSource mishandling.
    CVE-2019-17531
    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default
    Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and
    the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a
    JNDI service to access, it is possible to make the service execute a malicious payload.
    Modularity name: pki-core
    Stream name: 10.6

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/12113");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-16942");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-17531");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/11/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:jss");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:jss-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:jss-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:ldapjdk");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:ldapjdk-javadoc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-base-java");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-ca");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-core-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-kra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-symkey");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:pki-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:python3-pki");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcatjss");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^8([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 8.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '8',
    'pkgs': [
      {'reference':'jss-4.6.2-6.0.1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'jss-debugsource-4.6.2-6.0.1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'jss-javadoc-4.6.2-6.0.1.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'ldapjdk-4.21.0-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'ldapjdk-javadoc-4.21.0-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-base-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-base-java-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-ca-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-core-debugsource-10.8.3-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-kra-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-server-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-symkey-10.8.3-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'pki-tools-10.8.3-2.module+el8', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'python3-pki-10.8.3-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcatjss-7.4.1-2.module+el8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'jss / jss-debugsource / jss-javadoc / ldapjdk / ldapjdk-javadoc / etc');
}

20 Jan 2026 00:00Current

8.4High risk

Vulners AI Score8.4

CVSS 27.5

CVSS 3.19.8

EPSS0.06454