CVE-2022-1415 - OpenCVE

A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Drools Jboss Middleware Text-only Advisories Process Automation Decision Manager

Configuration 1 [-]

OR	cpe:2.3:a:redhat:decision_manager:7.0:::::::*
	cpe:2.3:a:redhat:drools:7.69.0:::::::*
	cpe:2.3:a:redhat:jboss_middleware_text-only_advisories:-:::::::*
	cpe:2.3:a:redhat:process_automation:7.0:::::::*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2022:6813	Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-1415	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2065505	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-09-11T20:20:23.745Z

Updated: 2024-05-03T15:32:23.354Z

Reserved: 2022-04-20T12:43:39.822Z

Link: CVE-2022-1415

JSON object: View

NVD Information

Status : Modified

Published: 2023-09-11T21:15:41.483

Modified: 2024-05-03T16:15:07.767

Link: CVE-2022-1415

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-1415", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2022-04-20T12:43:39.822Z", "datePublished": "2023-09-11T20:20:23.745Z", "dateUpdated": "2024-05-03T15:32:23.354Z"}, "containers": {"cna": {"title": "Drools: unsafe data deserialization in streamutils", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server."}], "affected": [{"vendor": "Red Hat", "product": "RHPAM 7.13.1 async", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13"]}, {"vendor": "Red Hat", "product": "Red Hat build of Apache Camel for Spring Boot", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:camel_spring_boot:3"]}, {"vendor": "Red Hat", "product": "Red Hat build of Quarkus", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:quarkus:2"]}, {"vendor": "Red Hat", "product": "Red Hat Decision Manager 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:jboss_enterprise_brms_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat Integration Camel K", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:integration:1"]}, {"vendor": "Red Hat", "product": "Red Hat Integration Camel Quarkus", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:camel_quarkus:2"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Data Grid 7", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jboss_data_grid:7"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Data Virtualization 6", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jboss_data_virtualization:6"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform 6", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_enterprise_application_platform:6"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform 7", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jboss_enterprise_application_platform:7"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jbosseapxp"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Fuse 6", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_fuse:6"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Fuse 7", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:jboss_fuse:7"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Fuse Service Works 6", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "drools-core", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:jboss_fuse_service_works:6"]}, {"vendor": "Red Hat", "product": "Red Hat Process Automation 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "drools-core", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2022:6813", "name": "RHSA-2022:6813", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2022-1415", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065505", "name": "RHBZ#2065505", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2022-10-28T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-502: Deserialization of Untrusted Data", "timeline": [{"lang": "en", "time": "2021-12-28T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2022-10-28T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Paulino Calderon (Websec) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-05-03T15:32:23.354Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:drools:7.69.0:*:*:*:*:*:*:*", "matchCriteriaId": "C63D3269-9F0C-44C4-AC56-FEBD51D5E780", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_middleware_text-only_advisories:-:*:*:*:*:*:*:*", "matchCriteriaId": "434B744A-9665-4340-B02D-7923FCB2B562", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en la que algunas clases de utilidad en el n\u00facleo de Drools no usaban las medidas de seguridad adecuadas al deserializar datos. Esta falla permite a un atacante autenticado construir objetos serializados maliciosos (generalmente llamados gadgets) y lograr la ejecuci\u00f3n de c\u00f3digo en el servidor."}], "id": "CVE-2022-1415", "lastModified": "2024-05-03T16:15:07.767", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-09-11T21:15:41.483", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2022:6813"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2022-1415"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065505"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-502"}], "source": "secalert@redhat.com", "type": "Secondary"}]}