The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
References
http://mail-archives.apache.org/mod_mbox/activemq-users/201609.mbox/%3CCAH6wpnqzeNtpykT7emtDU1-GV7AvjFP5-YroWcCC4UZyQEFvtA%40mail.gmail.com%3E
http://www.securityfocus.com/bid/93142
https://access.redhat.com/errata/RHSA-2017:1834
https://access.redhat.com/errata/RHSA-2017:1835
https://access.redhat.com/errata/RHSA-2017:1836
https://access.redhat.com/errata/RHSA-2017:1837
https://access.redhat.com/errata/RHSA-2017:3454
https://access.redhat.com/errata/RHSA-2017:3455
https://access.redhat.com/errata/RHSA-2017:3456
https://access.redhat.com/errata/RHSA-2017:3458
https://access.redhat.com/errata/RHSA-2018:1447
https://access.redhat.com/errata/RHSA-2018:1448
https://access.redhat.com/errata/RHSA-2018:1449
https://access.redhat.com/errata/RHSA-2018:1450
https://access.redhat.com/errata/RHSA-2018:1451
https://lists.apache.org/thread.html/7260bd0955c12aac5bd892039d3356ba3aa0ff4caaf2aa4fd4fe84a2%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/d4ffbc6a43a915324a394b2913ceb7d07bc352f2d08caa19df0aff02%40%3Cissues.activemq.apache.org%3E
https://lists.apache.org/thread.html/rb2fd3bf2dce042e0ab3f3c94c4767c96bb2e7e6737624d63162df36d%40%3Ccommits.activemq.apache.org%3E
https://lists.apache.org/thread.html/rc96ad63f148f784c84ea7f0a178c84a8985c6afccabbcd9847a82088%40%3Ccommits.activemq.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2016-4978
https://www.blackhat.com/docs/us-16/materials/us-16-Kaiser-Pwning-Your-Java-Messaging-With-Deserialization-Vulnerabilities.pdf
https://www.cve.org/CVERecord?id=CVE-2016-4978
History

Fri, 23 Aug 2024 05:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2016-09-27T15:00:00

Updated: 2024-08-06T00:46:40.193Z

Reserved: 2016-05-24T00:00:00

Link: CVE-2016-4978

Vulnrichment

No data.

NVD

Status: Modified

Published: 2016-09-27T15:59:01.673

Modified: 2024-11-21T02:53:21.087

Link: CVE-2016-4978

Redhat

Severity: Moderate

Public Date: 2016-09-23T00:00:00Z

Links: CVE-2016-4978 - Bugzilla