CVE-2016-6793 : The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a den

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object.

Published 2017-07-17 13:18:07

Updated 2019-05-06 19:15:09

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute codeDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2016-6793

Probability of exploitation activity in the next 30 days: 2.11%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-6793

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.4	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:P	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial
9.1	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H	3.9	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2016-6793

CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-6793

http://www.securityfocus.com/bid/95168

Apache Wicket CVE-2016-6793 Denial of Service Vulnerability
Third Party Advisory;VDB Entry
https://www.tenable.com/security/research/tra-2016-23

[R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation - Research Advisory | Tenable®
Third Party Advisory

CVEs referencing this url
http://www.openwall.com/lists/oss-security/2016/12/31/1

oss-security - Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability
Mailing List;Third Party Advisory
http://www.securityfocus.com/archive/1/539975/100/0/threaded

SecurityFocus
Mailing List;Third Party Advisory;VDB Entry
https://wicket.apache.org/news/2016/12/31/cve-2016-6793.html

CVE-2016-6793 Apache Wicket deserialization vulnerability | Apache Wicket
Vendor Advisory
http://www.securitytracker.com/id/1037541

Apache Wicket DiskFileItem Class Deserialization Error Lets Remote Users Cause Denial of Service Conditions - SecurityTracker
Third Party Advisory;VDB Entry

Products affected by CVE-2016-6793

Apache » Wicket
Versions from including (>=) 6.0.0 and before (<) 6.25.0
cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*
Matching versions
Apache » Wicket
Versions from including (>=) 1.5.0 and before (<) 1.5.17
cpe:2.3:a:apache:wicket:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-6793

Exploit prediction scoring system (EPSS) score for CVE-2016-6793

CVSS scores for CVE-2016-6793

CWE ids for CVE-2016-6793

References for CVE-2016-6793

Products affected by CVE-2016-6793