Intrusion PreventionApache.Commons.FileUpload.DiskFileItem.Deserialization
Description
This indicates an attack attempt against an Insecure Desrialization vulnerability in Apache Commons Collections library.
The vulnerability is caused by deseralization of untrusted data due to a vulnerable version of Apache-Commons-FileUpload library in the software. An unauthenticated remote attacker is able to send a crafted serialized object to the target system and upload an arbitrary file.
Affected Products
Apache Commons FileUpload before 1.3.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
https://issues.apache.org/jira/browse/FILEUPLOAD-279
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-04-26 | 23.541 | Sig Added |
| 2021-12-07 | 19.211 | Sig Added |
| 2021-12-07 | 19.209 | Sig Added |
| 2019-06-10 | 14.629 | Severity:high:critical |
| 2018-12-04 | 13.502 | Sig Added |
| 2018-11-13 | 13.489 | Sig Added |
| 2018-11-07 | 13.486 | Name:Oracle. WebLogic. Server. Commons. FileUpload. Deserialization:Apache. Commons. FileUpload. DiskFileItem. Deserialization |
| ID | 42804 |
| Created | Aug 16, 2016 |
| Updated | Apr 25, 2023 |
| Risk |
|
| CVE ID | CVE-2016-1000031 CVE-2013-2186 |
| Exploit Prediction Score | 5.87% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Apache, Oracle |