CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Nov 17, 2021
Description
ForgeRock Access Management (AM) Core Server allows an attacker who sends a specially crafted HTTP request to one of three endpoints (/ccversion/Version, /ccversion/Masthead, or /ccversion/ButtonFrame) to execute code in the context of the current user (unless ForgeRock AM is running as root user, which the vendor does not recommend).
CVSS Score
9.8/ 10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEPSS — Exploit Probability
94.4%
Higher than 100.0% of all CVEs
Weakness Classification (CWE)
Known Exploits
POChttp://packetstormsecurity.com/files/163486/ForgeRock-OpenAM-Jato-Java-Deserialization.htmlExploithttp://packetstormsecurity.com/files/163525/ForgeRock-Access-Manager-OpenAM-14.6.3-Remote-Code-Execution.htmlExploithttps://backstage.forgerock.com/knowledge/kb/article/a47894244Exploithttp://packetstormsecurity.com/files/163486/ForgeRock-OpenAM-Jato-Java-Deserialization.htmlExploithttp://packetstormsecurity.com/files/163525/ForgeRock-Access-Manager-OpenAM-14.6.3-Remote-Code-Execution.htmlExploithttps://backstage.forgerock.com/knowledge/kb/article/a47894244Exploit
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2021-35464
Risk Assessment
CRITICALIn CISA KEV
Known exploit
Critical CVSS
High EPSS
Ransomware
Details
- Severity
- High
- CVSS
- 9.8
- EPSS
- 94.4%
- CWE
- CWE-502
- Exploit
- POC
- CISA KEV
- Yes
- Ransomware
- Known
- Articles
- 0
Timeline
Published
Nov 3, 2021
Added to KEV
Nov 3, 2021
Remediation Due
Nov 17, 2021