⚠ Actively exploited

Added to CISA KEV on 2021-11-03. Federal agencies required to patch by 2022-05-03. Required action: Apply updates per vendor instructions..

CVE-2020-7961 — Deserialization of Untrusted Data in Portal

CWE-502 — Deserialization of Untrusted Data20 documents13 sources

Severity

9.8CRITICALNVD

EPSS

94.4%

top 0.02%

CISA KEV

KEV

Added 2021-11-03

Due 2022-05-03

Exploit

Exploited in wild

Active exploitation observed

Affected products

Liferay Portal

Timeline

PublishedMar 20

KEV addedNov 3

KEV dueMay 3

Latest updateOct 25

CISA Required Action: Apply updates per vendor instructions.

Description

Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDliferay/liferay_portal< 7.2.1

🔴Vulnerability Details

GHSA

Deserialization of Untrusted Data in Liferay Portal↗2022-05-24

▶

OSV

Deserialization of Untrusted Data in Liferay Portal↗2022-05-24

▶

CVEList

CVE-2020-7961: Deserialization of Untrusted Data in Liferay Portal prior to 7↗2020-03-20

▶

VulnCheck

Liferay Portal Deserialization of Untrusted Data Vulnerability↗2020

▶

💥Exploits & PoCs

Exploit-DB

Liferay Portal - Java Unmarshalling via JSONWS RCE (Metasploit)↗2020-04-16

▶

Nuclei

Liferay Security Checks

▶

Metasploit

Liferay Portal Java Unmarshalling via JSONWS RCE↗

▶

Nuclei

Liferay Login Panel - Detect

▶

Nuclei

Liferay Portal Unauthenticated < 7.2.1 CE GA2 - Remote Code Execution

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Liferay Unauthenticated RCE via JSONWS Inbound (CVE-2020-7961)↗2021-01-29

▶

Suricata

ET EXPLOIT 401TRG Liferay RCE (CVE-2020-7961)↗2020-12-11

▶

📋Vendor Advisories

CISA

Liferay Portal Deserialization of Untrusted Data Vulnerability↗2021-11-03

▶