Vulnerability Database

296,748

Total vulnerabilities in the database

CVE-2019-16891

Liferay Portal CE 6.2.5 allows remote command execution because of deserialization of a JSON payload.

  • Published: Oct 4, 2019
  • Updated: May 9, 2024
  • CVE: CVE-2019-16891
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
liferay / liferay_portal 7.1.0-a1 7.1.0-a1.x
liferay / liferay_portal 7.1.0-a2 7.1.0-a2.x
liferay / liferay_portal 7.1.0-b1 7.1.0-b1.x
liferay / liferay_portal 7.1.0-b2 7.1.0-b2.x
liferay / liferay_portal 7.1.0-b3 7.1.0-b3.x
liferay / liferay_portal 7.1.0-ga1 7.1.0-ga1.x
liferay / liferay_portal 7.1.0-m1 7.1.0-m1.x
liferay / liferay_portal 7.1.0-m2 7.1.0-m2.x
liferay / liferay_portal 7.1.0-rc1 7.1.0-rc1.x
liferay / liferay_portal 7.0.6-ga7 7.0.6-ga7.x
liferay / liferay_portal 7.0.5-ga6 7.0.5-ga6.x
liferay / liferay_portal 7.0.4-ga5 7.0.4-ga5.x
liferay / liferay_portal 7.0.3-ga4 7.0.3-ga4.x
liferay / liferay_portal 7.0.2-ga3 7.0.2-ga3.x
liferay / liferay_portal 7.0.1-ga2 7.0.1-ga2.x
liferay / liferay_portal 7.0.0-a1 7.0.0-a1.x
liferay / liferay_portal 7.0.0-a2 7.0.0-a2.x
liferay / liferay_portal 7.0.0-a3 7.0.0-a3.x
liferay / liferay_portal 7.0.0-a4 7.0.0-a4.x
liferay / liferay_portal 7.0.0-a5 7.0.0-a5.x
liferay / liferay_portal 7.0.0-b1 7.0.0-b1.x
liferay / liferay_portal 7.0.0-b2 7.0.0-b2.x
liferay / liferay_portal 7.0.0-b3 7.0.0-b3.x
liferay / liferay_portal 7.0.0-b4 7.0.0-b4.x
liferay / liferay_portal 7.0.0-b5 7.0.0-b5.x
liferay / liferay_portal 7.0.0-b6 7.0.0-b6.x
liferay / liferay_portal 7.0.0-b7 7.0.0-b7.x
liferay / liferay_portal 7.0.0-ga1 7.0.0-ga1.x
liferay / liferay_portal 7.0.0-m1 7.0.0-m1.x
liferay / liferay_portal 7.0.0-m2 7.0.0-m2.x
liferay / liferay_portal 7.0.0-m3 7.0.0-m3.x
liferay / liferay_portal 7.0.0-m4 7.0.0-m4.x
liferay / liferay_portal 7.0.0-m5 7.0.0-m5.x
liferay / liferay_portal 7.0.0-m6 7.0.0-m6.x
liferay / liferay_portal 7.0.0-m7 7.0.0-m7.x
liferay / liferay_portal 6.2.5-ga6 6.2.5-ga6.x
liferay / liferay_portal 6.2.4-ga5 6.2.4-ga5.x
liferay / liferay_portal 6.2.3-ga4 6.2.3-ga4.x
liferay / liferay_portal 6.2.2-ga3 6.2.2-ga3.x
liferay / liferay_portal 6.2.1-ga2 6.2.1-ga2.x
liferay / liferay_portal 6.2.0-b1 6.2.0-b1.x
liferay / liferay_portal 6.2.0-b2 6.2.0-b2.x
liferay / liferay_portal 6.2.0-ga1 6.2.0-ga1.x
liferay / liferay_portal 6.2.0-m1 6.2.0-m1.x
liferay / liferay_portal 6.2.0-m2 6.2.0-m2.x
liferay / liferay_portal 6.2.0-m3 6.2.0-m3.x
liferay / liferay_portal 6.2.0-m4 6.2.0-m4.x
liferay / liferay_portal 6.2.0-m5 6.2.0-m5.x
liferay / liferay_portal 6.2.0-m6 6.2.0-m6.x
liferay / liferay_portal 6.2.0-rc1 6.2.0-rc1.x
liferay / liferay_portal 6.2.0-rc2 6.2.0-rc2.x
liferay / liferay_portal 6.2.0-rc3 6.2.0-rc3.x
liferay / liferay_portal 6.2.0-rc4 6.2.0-rc4.x
liferay / liferay_portal 6.2.0-rc5 6.2.0-rc5.x
liferay / liferay_portal 6.2.0-rc6 6.2.0-rc6.x
liferay / liferay_portal 6.1.2-ga3 6.1.2-ga3.x
liferay / liferay_portal 6.1.1-ga2 6.1.1-ga2.x
liferay / liferay_portal 6.1.0-b1 6.1.0-b1.x
liferay / liferay_portal 6.1.0-b2 6.1.0-b2.x
liferay / liferay_portal 6.1.0-b3 6.1.0-b3.x
liferay / liferay_portal 6.1.0-b4 6.1.0-b4.x
liferay / liferay_portal 6.1.0-ga1 6.1.0-ga1.x
liferay / liferay_portal 6.1.0-rc1 6.1.0-rc1.x
liferay / liferay_portal - 6.0.6.x
liferay / liferay_portal 7.1.1-ga2 7.1.1-ga2.x
liferay / liferay_portal 7.1.2-ga3 7.1.2-ga3.x
liferay / liferay_portal 7.1.3-ga4 7.1.3-ga4.x
liferay / liferay_portal 7.2.0-alpha1 7.2.0-alpha1.x
liferay / liferay_portal 7.2.0-beta1 7.2.0-beta1.x
liferay / liferay_portal 7.2.0-beta2 7.2.0-beta2.x
liferay / liferay_portal 7.2.0-beta3 7.2.0-beta3.x
liferay / liferay_portal 7.2.0-rc2 7.2.0-rc2.x
liferay / liferay_portal 7.2.0-rc3 7.2.0-rc3.x
liferay / liferay_portal 7.2.0-m2 7.2.0-m2.x
liferay / liferay_portal 7.2.0-rc1 7.2.0-rc1.x