Vulnerability — CVE-2021-35464

CVE-2021-35464

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2021-35464
Description:: ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. The vulnerability exists due to the usage of Sun ONE Application Framework (JATO) found in versions of Java 8 or earlier
Last updated date:: 08/02/2021

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 07/12/2021
Reference url to background: https://twitter.com/USCERT_gov/status/1414616391219433475?

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 11/03/2021
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/09/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cve_2021_35464_forgerock_openam.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/02/2021
Reference url to background: http://packetstormsecurity.com/files/163486/ForgeRock-OpenAM-Jato-Java-Deserialization.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/02/2021
Reference url to background: http://packetstormsecurity.com/files/163525/ForgeRock-Access-Manager-OpenAM-14.6.3-Remote-Code-Execution.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/02/2021
Reference url to background: https://backstage.forgerock.com/knowledge/kb/article/a47894244