Vulnerability Details : CVE-2017-7536
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur. By allowing the calling code to access those private members without the permission an attacker may be able to validate an invalid instance and access the private member value via ConstraintViolation#getInvalidValue().
Vulnerability category: Gain privilege
Products affected by CVE-2017-7536
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:hibernate_validator:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:satellite_capsule:6.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-7536
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-7536
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST | |
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2017-7536
-
The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.Assigned by: nvd@nist.gov (Primary)
-
Assigned by: secalert@redhat.com (Secondary)
References for CVE-2017-7536
-
https://access.redhat.com/errata/RHSA-2017:2809
RHSA-2017:2809 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2740
RHSA-2018:2740 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:2811
RHSA-2017:2811 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:2808
RHSA-2017:2808 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:2810
RHSA-2017:2810 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2927
RHSA-2018:2927 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3458
RHSA-2017:3458 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:3817
RHSA-2018:3817 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3456
RHSA-2017:3456 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
http://www.securitytracker.com/id/1039744
Red Hat Enterprise Virtualization Multiple Flaws Let Remote Users Execute Arbitrary Code and Local Users Determine Passwords and Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2017:3455
RHSA-2017:3455 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=1465573
1465573 – (CVE-2017-7536) CVE-2017-7536 hibernate-validator: Privilege escalation when running under the security managerIssue Tracking;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2741
RHSA-2018:2741 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2742
RHSA-2018:2742 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E
[GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities - Pony MailIssue Tracking;Third Party Advisory
-
http://www.securityfocus.com/bid/101048
Red Hat Hibernate Validator CVE-2017-7536 Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2017:3141
RHSA-2017:3141 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2018:2743
RHSA-2018:2743 - Security Advisory - Red Hat Customer PortalVendor Advisory
-
https://access.redhat.com/errata/RHSA-2017:3454
RHSA-2017:3454 - Security Advisory - Red Hat Customer PortalVendor Advisory
Jump to