#VU39994 Input validation error in Crowd Server - CVE-2016-6496


Published: December 10, 2016 / Updated: August 9, 2020


Vulnerability identifier: #VU39994
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2016-6496
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Crowd Server
Software vendor: Atlassian

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The LDAP directory connector in Atlassian Crowd before 2.8.8 and 2.9.x before 2.9.5 allows remote attackers to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.
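
An added detection example, not from this advisory or from Atlassian: a Python check that flags directory entries carrying the RFC 2713 Java-object attributes (javaSerializedData, javaClassName, javaFactory, javaCodebase and related) that a JNDI-based LDAP connector may deserialize or resolve. The minimal LDIF parser and the sample entries are constructed for the example.

```python
"""Flag LDAP entries carrying RFC 2713 Java-object attributes, the vehicle
for the LDAP entry poisoning described in this advisory."""
import base64

# RFC 2713 attributes for storing Java objects in LDAP. A JNDI client that
# reads such an entry with object-returning controls may deserialize
# javaSerializedData or load code named by javaFactory/javaCodebase.
JAVA_OBJECT_ATTRS = {"javaserializeddata", "javaclassname", "javafactory",
                     "javacodebase", "javareferenceaddress", "javaremotelocation"}
JAVA_SERIAL_MAGIC = b"\xac\xed\x00\x05"  # Java serialization stream header

def parse_ldif(text):
    """Minimal LDIF parser (blank-line separated entries, 'attr: value' and
    base64 'attr:: value' lines) -> list of {lowercased attr: [bytes]}."""
    entries, current = [], {}
    for line in text.splitlines() + [""]:
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
            continue
        name, _, rest = line.partition(":")
        raw = (base64.b64decode(rest[1:].strip()) if rest.startswith(":")
               else rest.strip().encode())
        current.setdefault(name.strip().lower(), []).append(raw)
    return entries

def find_poisoned(entries):
    """Return (dn, reasons) for each entry a directory connector could deserialize."""
    findings = []
    for entry in entries:
        dn = entry.get("dn", [b"?"])[0].decode(errors="replace")
        reasons = sorted(a for a in entry if a in JAVA_OBJECT_ATTRS)
        if any(b.startswith(JAVA_SERIAL_MAGIC)
               for b in entry.get("javaserializeddata", [])):
            reasons.append("serialized-stream-magic")
        if reasons:
            findings.append((dn, reasons))
    return findings

# Constructed sample: one ordinary user and one entry carrying a Java object.
SAMPLE_LDIF = """\
dn: uid=alice,ou=people,dc=example,dc=com
uid: alice

dn: uid=mallory,ou=people,dc=example,dc=com
objectClass: javaSerializedObject
javaClassName: java.lang.Object
javaSerializedData:: rO0ABXNyAAA=
"""
```

Running `find_poisoned(parse_ldif(SAMPLE_LDIF))` reports only the second entry, naming both the Java-object attributes present and the serialization-stream magic bytes found in javaSerializedData.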


Remediation

Install the update from the vendor's website.

External links