Remote code execution in Red Hat JBoss RichFaces
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-12533 |
| CWE-ID | CWE-94 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
JBoss Richfaces Server applications / Frameworks for developing and running applications |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Code injection
EUVDB-ID: #VU15407
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12533
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to inject arbitrary code on the target system.
The vulnerability exists in Red Hat JBoss RichFaces due to the affected software allows injection of arbitrary Expression Language (EL) expressions. A remote unauthenticated attacker can use the org.richfaces.renderkit.html.Paint2DResource$ImageData object (RF-14310) to pass malicious resource data and execute arbitrary Java code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsJBoss Richfaces: 3.1.0 - 3.3.4
External linkshttp://access.redhat.com/security/cve/cve-2018-12533
http://access.redhat.com/errata/RHSA-2018:2663
http://access.redhat.com/errata/RHSA-2018:2664
http://access.redhat.com/errata/RHSA-2018:2930
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
