Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2017-15703
HistoryJan 25, 2018 - 9:29 p.m.

CVE-2017-15703

2018-01-2521:29:00
Google
osv.dev
2

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release.

Related

osv 1
veracode 1
cve 1
github 1
prion 1
cvelist 1
nvd 1
osv
osv
Denial of service via deserialization attack in nifi
2019-10-25 19:42:50
veracode
veracode
Java Deserialization
2018-01-26 04:42:40
cve
cve
CVE-2017-15703
2018-01-25 21:29:00
github
github
Denial of service via deserialization attack in nifi
2019-10-25 19:42:50
prion
prion
Deserialization of untrusted data
2018-01-25 21:29:00
cvelist
cvelist
CVE-2017-15703
2017-10-02 00:00:00
nvd
nvd
CVE-2017-15703
2018-01-25 21:29:00

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON
Related for OSV:CVE-2017-15703
osv1veracode1cve1github1prion1cvelist1nvd1