CVE-2017-7536

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-7536
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().

7.0 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 3.4 / Impact : 6.4

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1465573 Issue Tracking Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3458 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3456 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3455 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3454 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3141 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2811 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2810 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2809 Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2808 Vendor Advisory
http://www.securitytracker.com/id/1039744 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/101048 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:2743 Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2742 Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2741 Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2740 Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2927 Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:3817 Vendor Advisory
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*
OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
History

07 Nov 2023, 02:50

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E', 'name': '[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities', 'tags': ['Issue Tracking', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E -
Information

Published : 2018-01-10 15:29

Updated : 2023-11-07 02:50

NVD link : CVE-2017-7536

Mitre link : CVE-2017-7536

JSON object : View

Products Affected

redhat

  • enterprise_linux
  • virtualization
  • satellite
  • jboss_enterprise_application_platform
  • virtualization_host
  • hibernate_validator
  • satellite_capsule
CWE
CWE-470

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')