
CVE-2021-39144

Published: 23/08/2021 Updated: 07/11/2023
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
CVSS v3 Base Score: 8.5 | Impact Score: 6 | Exploitability Score: 1.8
VMScore: 535
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

A flaw was found in XStream, a simple library used to serialize objects to XML and back again. This flaw allows a remote malicious user to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-39139)

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote malicious user to allocate 100% CPU time on the target system, depending on CPU type or parallel execution of such a payload, resulting in a denial of service only by manipulating the processed input stream. Users who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types are not affected. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose. (CVE-2021-39140)

A flaw was found in XStream, a simple library used to serialize objects to XML and back again. This flaw allows a remote malicious user to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-39141) (CVE-2021-39144) (CVE-2021-39145) (CVE-2021-39146) (CVE-2021-39147) (CVE-2021-39148) (CVE-2021-39149) (CVE-2021-39151) (CVE-2021-39153) (CVE-2021-39154)

A flaw was found in XStream, a simple library used to serialize objects to XML and back again. This flaw allows a remote malicious user to request data from internal resources that are not publicly available by manipulating the processed input stream with Java runtime versions 14 to 8. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-39150) (CVE-2021-39152)

Vulnerable Product

xstream project xstream

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

fedoraproject fedora 33

fedoraproject fedora 34

fedoraproject fedora 35

netapp snapmanager -

oracle webcenter portal 12.2.1.3.0

oracle utilities framework 4.2.0.3.0

oracle utilities framework 4.2.0.2.0

oracle utilities framework 4.3.0.6.0

oracle utilities framework 4.4.0.0.0

oracle communications unified inventory management 7.3.4

oracle communications unified inventory management 7.3.5

oracle communications unified inventory management 7.4.0

oracle webcenter portal 12.2.1.4.0

oracle utilities framework 4.4.0.2.0

oracle communications billing and revenue management elastic charging engine 11.3

oracle communications billing and revenue management elastic charging engine 12.0

oracle business activity monitoring 12.2.1.4.0

oracle commerce guided search 11.3.2

oracle communications unified inventory management 7.4.1

oracle retail xstore point of service 16.0.6

oracle retail xstore point of service 17.0.4

oracle retail xstore point of service 18.0.3

oracle retail xstore point of service 19.0.2

oracle retail xstore point of service 20.0.1

oracle utilities framework 4.4.0.3.0

oracle utilities testing accelerator 6.0.0.1.1

oracle communications cloud native core binding support function 1.10.0

oracle utilities framework 4.3.0.1.0

oracle communications cloud native core policy 1.14.0

oracle communications unified inventory management 7.4.2

oracle communications cloud native core automated test suite 1.9.0

Vendor Advisories

Debian Bug report logs - #998054 libxstream-java: vulnerable to CVE-2021-391{{3941},{4454}}. Package: libxstream-java; Maintainer for libxstream-java is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>; Source for libxstream-java is src:libxstream-java (PTS, buildd, popcon). Reported by: Alex Thiessen ...

Synopsis: Important: Red Hat Data Grid 7310 security update. Type/Severity: Security Advisory: Important. Topic: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

Synopsis: Moderate: Red Hat Decision Manager 7120 security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed sever ...

Synopsis: Critical: Red Hat Process Automation Manager 7120 security update. Type/Severity: Security Advisory: Critical. Topic: An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gi ...

Synopsis: Important: Red Hat Single Sign-On 764 security update. Type/Severity: Security Advisory: Important. Topic: A security update is now available for Red Hat Single Sign-On 76 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base ...

Synopsis: Moderate: Red Hat Data Grid 830 security update. Type/Severity: Security Advisory: Moderate. Topic: An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is ...

Multiple security vulnerabilities have been discovered in XStream, a Java library to serialize objects to XML and back again. These vulnerabilities may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. XStream itself sets up a whitelist by default now, i.e. it blocks all c ...

A flaw was found in XStream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-391 ...

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist ...

Exploits

VMware Cloud Foundation (NSX-V) contains a remote code execution vulnerability via the XStream open source library. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. Due to an unauthenticated endpoint that leverages XStream for input serialization in VMware Cloud Foundation (NS ...

Github Repositories

VMware NSX Manager XStream Unauthenticated Remote Code Execution Exploit

VMware-NSX-Manager-XStream. Full title: VMware NSX Manager XStream Unauthenticated Remote Code Execution Exploit. Date added: 16-11-2022. Category: remote exploits. Platform: java. Risk: [Security Risk Critical]. Description: VMware Cloud Foundation (NSX-V) contains a remote code execution vulnerability v

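炼石计划@渗透攻防宇宙: in this community we not only focus on the fine details of penetration testing and attack and defense, but also branch out into coding fundamentals and the basics of PHP/Java code auditing. The two complement each other, all for the sake of better growth.

Hi friend, welcome to 【炼石计划@渗透攻防宇宙】, our latest work following Java code auditing and PHP code auditing. In this community we not only focus on the fine details of penetration testing and attack and defense, but also branch out into coding fundamentals and the basics of PHP/Java code auditing. The two complement each other and, together with nine major areas of study, all serve better growth. Here we work at a steady pace and in a systematic way

XStream <= 1.4.17 vulnerability reproduction (CVE-2021-39141, CVE-2021-39144, CVE-2021-39150)

Xstream-1417 (The XStream demo environment above was set up by me; the exploitation environment is based on JDK18_u131, and both local testing and remote HTTP requests are now supported.) XStream <= 1.4.17 vulnerability reproduction (CVE-2021-39141, CVE-2021-39144, CVE-2021-39150, CVE-2021-39152). No exploit PoC is provided for this experiment; only the results of the reproduction are shown. To prevent abuse by malicious actors, only the official website PoC is provided: x-stream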

Recent Articles

Cisco AnyConnect Windows client under active attack
The Register

Make sure you're patched – and update VMware Cloud Foundation, too, by the way

Cisco says miscreants are exploiting two vulnerabilities in its AnyConnect Secure Mobility Client for Windows, which is supposed to ensure safe VPN access for remote workers. One of the pair of flaws, tracked as CVE-2020-3433, is a privilege-escalation issue: an authenticated, local user can exploit AnyConnect to execute code with SYSTEM-level privileges. A rogue insider or malware on a PC can use this to gain total control over the system. It affects Cisco AnyConnect Secure Mobility Client for ...

Apple patches actively exploited iPhone, iPad kernel vulns
The Register

Plus: Misconfigured server leaks Reuters data; VMware patches critical flaw in retired software; MalwareBytes apologies for a hoodie

In brief: Apple has patched an iOS and iPad OS vulnerability that's already been exploited. Crediting an anonymous security researcher with reporting the issue, Apple said the problem involves an out-of-bounds write issue – which involves adding data past the end or before the beginning of a buffer. The impacts can be data corruption, a crash or the chance to execute arbitrary code with kernel privileges. Apple issued patches for iOS 16.1 and iPad OS 16, to address this and 19 other vulner...