Input validation error in Crowd Server - CVE-2016-6496
Published: December 10, 2016 / Updated: August 9, 2020
Vulnerability identifier: #VU39994
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-6496
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Atlassian
Affected software:
Crowd Server
Crowd Server
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.
How to mitigate CVE-2016-6496
Install update from vendor's website.
Sources
- http://www.securityfocus.com/archive/1/539655/100/0/threaded
- http://www.securityfocus.com/bid/93826
- https://confluence.atlassian.com/crowd/crowd-security-advisory-2016-10-19-856697283.html
- https://jira.atlassian.com/browse/CWD-4790
- https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf