CVE-2016-9498
published 2018-07-13CVE-2016-9498: ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote…
PriorityP276critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
22.01%
97.4th percentile
ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| manageengine | applications_manager | — | — |
| manageengine | applications_manager | — | — |
| w1.fi | wpa_supplicant | >= 0 < 2.1-0ubuntu1.7 | 2.1-0ubuntu1.7 |
| w1.fi | wpa_supplicant | >= 0 < 2.4-0ubuntu6.4 | 2.4-0ubuntu6.4 |
| w1.fi | wpa_supplicant | >= 0 < 2:2.6-15ubuntu2.2 | 2:2.6-15ubuntu2.2 |
| zohocorp | manageengine_applications_manager | — | — |
| zohocorp | manageengine_applications_manager | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-c3x4-w2jm-v6m5: ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects
ghsa_unreviewed·2022-05-13
CVE-2016-9498 [CRITICAL] CWE-502 GHSA-c3x4-w2jm-v6m5: ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects
ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe Java objects. The vulnerability can be exploited by remote user without authentication and it allows to execute remote code compromising the application as well as the operating system. As Application Manager's RMI registry is running with privileges of system administrator, by exploiting this vulnerability an attacker gains highest privileges on the underlying operating system.
OSV
wpa vulnerabilities
osv·2019-04-10·CVSS 7.5
CVE-2019-9495 wpa vulnerabilities
wpa vulnerabilities
It was discovered that wpa_supplicant and hostapd were vulnerable to a
side channel attack against EAP-pwd. A remote attacker could possibly use
this issue to recover certain passwords. (CVE-2019-9495)
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly
validated received scalar and element values in EAP-pwd-Commit messages. A
remote attacker could possibly use this issue to perform a reflection
attack and authenticate without the appropriate password. (CVE-2019-9497,
CVE-2019-9498, CVE-2019-9499)
It was discovered that hostapd incorrectly handled obtaining random
numbers. In rare cases where the urandom device isn't available, it would
fall back to using a low-quality PRNG. This issue only affected Ubuntu
14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2017/Apr/9https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.htmlhttps://www.securityfocus.com/bid/97394/http://seclists.org/fulldisclosure/2017/Apr/9https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2016-9498.htmlhttps://www.securityfocus.com/bid/97394/
2018-07-13
Published