CVE-2022-25845 - OpenCVE

The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode).

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Alibaba	Fastjson
Oracle	Communications Cloud Native Core Unified Data Repository

Configuration 1 [-]

cpe:2.3:a:alibaba:fastjson:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/alibaba/fastjson/commit/35db4adad70c32089542f23c272def1ad920a60d	Patch Third Party Advisory
https://github.com/alibaba/fastjson/commit/8f3410f81cbd437f7c459f8868445d50ad301f15	Patch Third Party Advisory
https://github.com/alibaba/fastjson/releases/tag/1.2.83	Release Notes Third Party Advisory
https://github.com/alibaba/fastjson/wiki/security_update_20220523	Third Party Advisory
https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222	Third Party Advisory
https://www.ddosi.org/fastjson-poc/	Exploit Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	Patch Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: snyk

Published: 2022-06-10T00:00:00

Updated: 2022-07-25T16:53:32

Reserved: 2022-02-24T00:00:00

Link: CVE-2022-25845

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-06-10T20:15:08.117

Modified: 2023-02-23T17:51:57.970

Link: CVE-2022-25845

JSON object: View

Redhat Information

No data.

CWE

CWE-502

{"containers": {"cna": {"affected": [{"product": "com.alibaba:fastjson", "vendor": "n/a", "versions": [{"lessThan": "1.2.83", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Unknown"}], "datePublic": "2022-06-10T00:00:00", "descriptions": [{"lang": "en", "value": "The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode)."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", "temporalScore": 7.7, "temporalSeverity": "HIGH", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Deserialization of Untrusted Data", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-25T16:53:32", "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222"}, {"tags": ["x_refsource_MISC"], "url": "https://www.ddosi.org/fastjson-poc/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/alibaba/fastjson/commit/8f3410f81cbd437f7c459f8868445d50ad301f15"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/alibaba/fastjson/commit/35db4adad70c32089542f23c272def1ad920a60d"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/alibaba/fastjson/wiki/security_update_20220523"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/alibaba/fastjson/releases/tag/1.2.83"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}], "title": "Deserialization of Untrusted Data", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "report@snyk.io", "DATE_PUBLIC": "2022-06-10T20:00:19.390362Z", "ID": "CVE-2022-25845", "STATE": "PUBLIC", "TITLE": "Deserialization of Untrusted Data"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "com.alibaba:fastjson", "version": {"version_data": [{"version_affected": "<", "version_value": "1.2.83"}]}}]}, "vendor_name": "n/a"}]}}, "credit": [{"lang": "eng", "value": "Unknown"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode)."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Deserialization of Untrusted Data"}]}]}, "references": {"reference_data": [{"name": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222"}, {"name": "https://www.ddosi.org/fastjson-poc/", "refsource": "MISC", "url": "https://www.ddosi.org/fastjson-poc/"}, {"name": "https://github.com/alibaba/fastjson/commit/8f3410f81cbd437f7c459f8868445d50ad301f15", "refsource": "MISC", "url": "https://github.com/alibaba/fastjson/commit/8f3410f81cbd437f7c459f8868445d50ad301f15"}, {"name": "https://github.com/alibaba/fastjson/commit/35db4adad70c32089542f23c272def1ad920a60d", "refsource": "MISC", "url": "https://github.com/alibaba/fastjson/commit/35db4adad70c32089542f23c272def1ad920a60d"}, {"name": "https://github.com/alibaba/fastjson/wiki/security_update_20220523", "refsource": "MISC", "url": "https://github.com/alibaba/fastjson/wiki/security_update_20220523"}, {"name": "https://github.com/alibaba/fastjson/releases/tag/1.2.83", "refsource": "MISC", "url": "https://github.com/alibaba/fastjson/releases/tag/1.2.83"}, {"name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}]}}}}, "cveMetadata": {"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "assignerShortName": "snyk", "cveId": "CVE-2022-25845", "datePublished": "2022-06-10T00:00:00", "dateReserved": "2022-02-24T00:00:00", "dateUpdated": "2022-07-25T16:53:32", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:alibaba:fastjson:*:*:*:*:*:*:*:*", "matchCriteriaId": "0493BADE-C286-47E0-8652-C1C4D39DDAB5", "versionEndExcluding": "1.2.83", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "74810125-09E6-4F27-B541-AFB61112AC56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions. Exploiting this vulnerability allows attacking remote servers. Workaround: If upgrading is not possible, you can enable [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode)."}, {"lang": "es", "value": "El paquete com.alibaba:fastjson versiones anteriores a 1.2.83, es vulnerable a una Deserializaci\u00f3n de Datos No Confiables al omitir las restricciones de cierre de autoType por defecto, lo cual es posible bajo determinadas condiciones. La explotaci\u00f3n de esta vulnerabilidad permite atacar servidores remotos. Mitigaci\u00f3n: Si la actualizaci\u00f3n no es posible, puede habilitar [safeMode](https://github.com/alibaba/fastjson/wiki/fastjson_safemode)"}], "id": "CVE-2022-25845", "lastModified": "2023-02-23T17:51:57.970", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "report@snyk.io", "type": "Secondary"}]}, "published": "2022-06-10T20:15:08.117", "references": [{"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/alibaba/fastjson/commit/35db4adad70c32089542f23c272def1ad920a60d"}, {"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/alibaba/fastjson/commit/8f3410f81cbd437f7c459f8868445d50ad301f15"}, {"source": "report@snyk.io", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/alibaba/fastjson/releases/tag/1.2.83"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://github.com/alibaba/fastjson/wiki/security_update_20220523"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://snyk.io/vuln/SNYK-JAVA-COMALIBABA-2859222"}, {"source": "report@snyk.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.ddosi.org/fastjson-poc/"}, {"source": "report@snyk.io", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2022.html"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}