Vulnerability Database

CVE-2019-16942

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

| Software | From | Fixed in |
|---|---|---|
| fasterxml / jackson-databind | 2.8.0 | 2.8.11.5 |
| fasterxml / jackson-databind | 2.9.0 | 2.9.10.1 |
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 9.0 | 9.0.x |
| debian / debian_linux | 10.0 | 10.0.x |
| fedoraproject / fedora | 30 | 30.x |
| fedoraproject / fedora | 31 | 31.x |
| redhat / jboss_enterprise_application_platform | 7.2.0 | 7.2.0.x |
| redhat / jboss_enterprise_application_platform | 7.3 | 7.3.x |
| netapp / active_iq_unified_manager | 7.3 | 7.3.x |
| netapp / active_iq_unified_manager | 9.5 | 9.5.x |
| oracle / primavera_unifier | 16.2 | 16.2.x |
| oracle / banking_platform | 2.4.0 | 2.4.0.x |
| oracle / jd_edwards_enterpriseone_tools | 9.2 | 9.2.x |
| oracle / banking_platform | 2.4.1 | 2.4.1.x |
| oracle / banking_platform | 2.5.0 | 2.5.0.x |
| oracle / primavera_unifier | 16.1 | 16.1.x |
| oracle / weblogic_server | 12.2.1.3.0 | 12.2.1.3.0.x |
| oracle / webcenter_portal | 12.2.1.3.0 | 12.2.1.3.0.x |
| oracle / database_server | 12.2.0.1 | 12.2.0.1.x |
| oracle / webcenter_sites | 12.2.1.3.0 | 12.2.1.3.0.x |
| oracle / database_server | 18c | 18c.x |
| oracle / jd_edwards_enterpriseone_orchestrator | 9.2 | 9.2.x |
| oracle / banking_platform | 2.6.0 | 2.6.0.x |
| oracle / banking_platform | 2.6.1 | 2.6.1.x |
| oracle / banking_platform | 2.6.2 | 2.6.2.x |
| oracle / primavera_unifier | 18.8 | 18.8.x |
| oracle / database_server | 19c | 19c.x |
| oracle / primavera_unifier | 17.7 | 17.12.x |
| oracle / weblogic_server | 12.2.1.4.0 | 12.2.1.4.0.x |
| oracle / primavera_unifier | 19.12 | 19.12.x |
| oracle / webcenter_sites | 12.2.1.4.0 | 12.2.1.4.0.x |
| oracle / webcenter_portal | 12.2.1.4.0 | 12.2.1.4.0.x |
| oracle / communications_billing_and_revenue_management | 12.0.0.3.0 | 12.0.0.3.0.x |
| oracle / communications_billing_and_revenue_management | 7.5.0.23.0 | 7.5.0.23.0.x |
| oracle / siebel_engineering_-_installer_&_deployment | - | 2.20.5.x |
| oracle / retail_sales_audit | 14.1 | 14.1.x |
| oracle / retail_merchandising_system | 15.0.3 | 15.0.3.x |
| oracle / retail_merchandising_system | 16.0.2 | 16.0.2.x |
| oracle / retail_merchandising_system | 16.0.3 | 16.0.3.x |
| oracle / global_lifecycle_management_nextgen_oui_framework | 13.9.4.2.2 | 13.9.4.2.2.x |
| oracle / global_lifecycle_management_nextgen_oui_framework | 12.2.1.4.0 | 12.2.1.4.0.x |
| oracle / global_lifecycle_management_nextgen_oui_framework | 12.2.1.3.0 | 12.2.1.3.0.x |
| oracle / banking_platform | 2.7.0 | 2.7.0.x |
| oracle / banking_platform | 2.7.1 | 2.7.1.x |
| oracle / banking_platform | 2.9.0 | 2.9.0.x |
| oracle / primavera_gateway | 19.12.0 | 19.12.0.x |
| oracle / primavera_gateway | 18.8.0 | 18.8.8.x |
| oracle / communications_evolved_communications_application_server | 7.1 | 7.1.x |
| oracle / communications_calendar_server | 8.0.0.3.0 | 8.0.0.3.0.x |
| oracle / communications_calendar_server | 8.0.0.2.0 | 8.0.0.2.0.x |
| oracle / goldengate_application_adapters | 19.1.0.0.0 | 19.1.0.0.0.x |
| oracle / primavera_gateway | 17.12.0 | 17.12.6.x |
| oracle / siebel_ui_framework | - | 20.5.x |
| oracle / siebel_ui_framework | 20.6 | 20.6.x |
| oracle / communications_cloud_native_core_network_slice_selection_function | 1.2.1 | 1.2.1.x |
| com.fasterxml.jackson.core / jackson-databind | 2.0.0 | 2.9.10.1 |
| fasterxml / jackson-databind | 2.0.0 | 2.6.7.3 |