JBoss RichFaces CVE-2018-10848 Remote Code Execution Vulnerability
BID:104506
Info
JBoss RichFaces CVE-2018-10848 Remote Code Execution Vulnerability
| Bugtraq ID: | 104506 |
| Class: | Unknown |
| CVE: |
CVE-2018-10848 |
| Remote: | Yes |
| Local: | No |
| Published: | May 30 2018 12:00AM |
| Updated: | May 30 2018 12:00AM |
| Credit: | CodeWhite |
| Vulnerable: |
Redhat Richfaces 4.5.17 Redhat Richfaces 4.5.16 Redhat Richfaces 4.5.14 Redhat Richfaces 4.5.13 Redhat Richfaces 4.5.12 Redhat Richfaces 4.5.11 Redhat Richfaces 4.5.10 Redhat Richfaces 4.5.3 Redhat Richfaces 4.5.4 |
| Not Vulnerable: | |
Exploit / POC
JBoss RichFaces CVE-2018-10848 Remote Code Execution Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: \"mailto:[email protected]\".
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: \"mailto:[email protected]\".
Solution / Fix
JBoss RichFaces CVE-2018-10848 Remote Code Execution Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
JBoss RichFaces CVE-2018-10848 Remote Code Execution Vulnerability
References:
References:
- RichFaces Homepage (JBoss Community)
- Bug 1584492 CVE-2018-10848 RichFaces: Injection of arbitrary EL variable mapper (Redhat)
- CVE-2018-10848 (Redhat)