COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2017-12149

CVE-2017-12149

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-12-10
Reference
https://nvd.nist.gov/vuln/detail/CVE-2017-12149
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.

Players implicated

Red Hat · vendorJBoss Application Server · product

Description

The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.

Affected FedRAMP products 1 in the catalog

ProductProviderStatusMatch
Red Hat OpenShift Service on AWS (ROSA) Red Hat In Process vendor-exact · 0.90