Red Hat JBoss RichFaces Expression Language Injection Arbitrary Java Code Execution Vulnerability [CVE-2018-12533]

CVE Number – CVE-2018-12533

A vulnerability in Red Hat JBoss RichFaces could allow an unauthenticated, remote attacker to inject arbitrary code on a targeted system.

The vulnerability exists because the affected software allows injection of arbitrary Expression Language (EL) expressions. An attacker could exploit this vulnerability by using the org.richfaces.renderkit.html.Paint2DResource$ImageData object (RF-14310) to pass malicious resource data to the targeted system. A successful exploit could allow the attacker to execute arbitrary Java code on the system.

Red Hat has confirmed the vulnerability and released software updates.

Analysis
  • To exploit this vulnerability, the attacker must send malicious resource data to the targeted system, making exploitation more difficult in environments that restrict network access from untrusted sources.
Safeguards
  • Administrators are advised to apply the appropriate updates.

    Administrators are advised to allow only trusted users to have network access.

    Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

    Administrators are advised to monitor affected systems.

Vendor Announcements
Fixed Software
  • Red Hat has released updated software for registered subscribers via the Red Hat Subscription Management (RHSM) service. Red Hat packages can be updated on Red Hat Enterprise Linux versions 5 and later using the yum tool.




Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: