CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2018-14667

CVSS 9.8v3.1pub. 2018-11-06upd. 2025-11-03

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Red Hat Enterprise Linux

    OS
    Redhat
    5.06.0
  • Red Hat Richfaces

    APP
    Redhat
    3.1.0 – 3.3.4

CISA KEV — detailsi

Vendori
Red Hat
Producti
JBoss RichFaces Framework
Added to KEVi
September 28, 2023
Remediation deadline (US Federal)i
October 19, 2023(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute malicious code using a chain of Java serialized objects via org.ajax4jsf.resource.UserResource$UriData.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 19 października 2023
Tags
RCEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2014-7169CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...

CVE-2014-6271CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...

CVE-2013-2251CRITICAL9.8⚠ KEVten sam produkt

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a paramet...