CVE-2017-5645 vulnerability in Apache and Other Products
Published on April 17, 2017
Vulnerability Analysis
CVE-2017-5645 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2017-5645 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2017-5645
You can be notified by stack.watch whenever vulnerabilities like CVE-2017-5645 are published in these products:
What versions are vulnerable to CVE-2017-5645?
- Apache Log4j Version 2.0 Fixed in Version 2.8.2
- NetApp Oncommand Api Services Version -
- NetApp Oncommand Insight Version -
- NetApp Oncommand Workflow Automation Version -
- NetApp Snapcenter Version -
- NetApp Storage Automation Store Version -
- NetApp Service Level Manager Version -
- Red Hat Fuse Version 1.0
- Red Hat Enterprise Linux (RHEL) Version 6.0
- Red Hat Enterprise Linux (RHEL) Version 6.7
- Red Hat Enterprise Linux (RHEL) Version 7.0
- Red Hat Enterprise Linux (RHEL) Version 7.3
- Red Hat Enterprise Linux (RHEL) Version 7.4
- Red Hat Enterprise Linux (RHEL) Version 7.5
- Red Hat Enterprise Linux (RHEL) Version 7.6
- Red Hat Enterprise Linux Desktop Version 7.0
- Red Hat Enterprise Linux Server Version 7.0
- Red Hat Enterprise Linux Server Aus Version 7.4
- Red Hat Enterprise Linux Server Aus Version 7.6
- Red Hat Enterprise Linux Server Eus Version 7.4
- Red Hat Enterprise Linux Server Eus Version 7.5
- Red Hat Enterprise Linux Server Eus Version 7.6
- Red Hat Enterprise Linux Server Tus Version 7.4
- Red Hat Enterprise Linux Server Tus Version 7.6
- Red Hat Enterprise Linux Workstation Version 7.0
- Oracle Api Gateway Version 11.1.2.4.0
- Oracle Application Testing Suite Version 13.3.0.1
- Oracle Autovue Vuelink Integration Version 21.0.0
- Oracle Autovue Vuelink Integration Version 21.0.1
- Oracle Banking Platform Version 2.6.0
- Oracle Banking Platform Version 2.6.1
- Oracle Banking Platform Version 2.6.2
- Oracle Bi Publisher Version 11.1.1.7.0
- Oracle Bi Publisher Version 11.1.1.9.0
- Oracle Bi Publisher Version 12.2.1.3.0
- Oracle Bi Publisher Version 12.2.1.4.0
- Oracle Communications Converged Application Server Service Controller Version 6.1
- Oracle Communications Instant Messaging Server Version 10.0.1.3.0
- Oracle Communications Interactive Session Recorder Version 6.0 through 6.2
- Oracle Communications Messaging Server Fixed in Version 8.0.2
- Oracle Communications Network Integrity Version 7.3.2 through 7.3.6
- Oracle Communications Online Mediation Controller Version 6.1
- Oracle Communications Pricing Design Center Version 11.1
- Oracle Communications Pricing Design Center Version 12.0
- Oracle Communications Service Broker Version 6.0
- Oracle Communications Webrtc Session Controller Fixed in Version 7.2
- Oracle Configuration Manager Version 12.1.2.0.2
- Oracle Configuration Manager Version 12.1.2.0.5
- Oracle Endeca Information Discovery Studio Version 3.2.0
- Oracle Enterprise Data Quality Version 12.2.1.3.0
- Oracle Enterprise Manager Base Platform Version 12.1.0.5
- Oracle Enterprise Manager Base Platform Version 13.2.0.0
- Oracle Enterprise Manager Fusion Middleware Version 12.1.0.5
- Oracle Enterprise Manager Fusion Middleware Version 13.2.0.0
- Oracle Enterprise Manager Mysql Database Up to Version 13.2.2.0.0
- Enterprise Manager Oracle Database Version 12.1.0.8
- Enterprise Manager Oracle Database Version 13.2.2
- Oracle Enterprise Manager Peoplesoft Version 13.1.1.1
- Oracle Enterprise Manager Peoplesoft Version 13.2.1.1
- Oracle Financial Services Analytical Applications Infrastructure Version 7.3.3.0.0 through 7.3.3.0.2
- Oracle Financial Services Analytical Applications Infrastructure Version 8.0.0.0.0 through 8.0.7.0.0
- Oracle Financial Services Behavior Detection Platform Version 6.1.1
- Oracle Financial Services Behavior Detection Platform Version 8.0.0.0.0 through 8.0.4.0.0
- Oracle Financial Services Hedge Management Ifrs Valuations Version 8.0.4
- Oracle Financial Services Hedge Management Ifrs Valuations Version 8.0.5
- Oracle Financial Services Lending Leasing Version 12.5.0
- Oracle Financial Services Lending Leasing Version 14.1.0 through 14.8.0
- Oracle Financial Services Loan Loss Forecasting Provisioning Version 8.0.4
- Oracle Financial Services Loan Loss Forecasting Provisioning Version 8.0.5
- Oracle Financial Services Profitability Management Version 6.1.1
- Oracle Financial Services Profitability Management Version 8.0.0.0.0 through 8.0.7.0.0
- Oracle Financial Services Regulatory Reporting With Agilereporter Version 8.0.9.2.0
- Oracle Flexcube Investor Servicing Version 12.0.4
- Oracle Flexcube Investor Servicing Version 12.1.0
- Oracle Flexcube Investor Servicing Version 12.3.0
- Oracle Flexcube Investor Servicing Version 12.4.0
- Oracle Flexcube Investor Servicing Version 14.0.0
- Oracle Fusion Middleware Mapviewer Version 12.2.1.2
- Oracle Fusion Middleware Mapviewer Version 12.2.1.3
- Oracle Goldengate Version 12.3.2.1.1
- Oracle Goldengate Application Adapters Version 12.3.2.1.1
- Oracle Identity Analytics Version 11.1.1.5.8
- Oracle Identity Management Suite Version 11.1.2.3.0
- Oracle Identity Management Suite Version 12.2.1.3.0
- Oracle Identity Manager Connector Version 9.0
- Oracle Memory Performance Driven Planning Version 12.1
- Oracle Memory Performance Driven Planning Version 12.2
- Oracle Instantis Enterprisetrack Version 17.1 through 17.3
- Oracle Insurance Calculation Engine Version 10.1.1
- Oracle Insurance Calculation Engine Version 10.2.1
- Oracle Insurance Policy Administration Version 10.0
- Oracle Insurance Policy Administration Version 10.1
- Oracle Insurance Policy Administration Version 10.2
- Oracle Insurance Policy Administration Version 11.0
- Oracle Insurance Rules Palette Version 10.0
- Oracle Insurance Rules Palette Version 10.1
- Oracle Insurance Rules Palette Version 10.2
- Oracle Insurance Rules Palette Version 11.0
- Oracle Insurance Rules Palette Version 11.1
- Oracle Jd Edwards Enterpriseone Tools Version 4.0.1.0
- Oracle Jd Edwards Enterpriseone Tools Version 9.2
- Oracle Jdeveloper Version 11.1.1.9.0
- Oracle Jdeveloper Version 12.1.3.0.0
- Oracle Jdeveloper Version 12.2.1.3.0
- Oracle Mysql Enterprise Monitor Version 3.4.0.0 through 3.4.7.4297
- Oracle Mysql Enterprise Monitor Version 4.0.0.0 through 4.0.4.5235
- Oracle Mysql Enterprise Monitor Version 8.0.0.0.0 through 8.0.0.8131
- Oracle Peoplesoft Enterprise Fin Install Version 9.2
- Oracle Policy Automation Version 10.4.7
- Oracle Policy Automation Version 12.1.0
- Oracle Policy Automation Version 12.1.1
- Oracle Policy Automation Version 12.2.0
- Oracle Policy Automation Version 12.2.1
- Oracle Policy Automation Version 12.2.2
- Oracle Policy Automation Version 12.2.3
- Oracle Policy Automation Version 12.2.4
- Oracle Policy Automation Version 12.2.5
- Oracle Policy Automation Version 12.2.6
- Oracle Policy Automation Version 12.2.7
- Oracle Policy Automation Version 12.2.8
- Oracle Policy Automation Version 12.2.9
- Oracle Policy Automation Version 12.2.10
- Oracle Policy Automation Connector Siebel Version 10.4.6
- Oracle Policy Automation Mobile Devices Version 10.4.7
- Oracle Policy Automation Mobile Devices Version 12.1.0
- Oracle Policy Automation Mobile Devices Version 12.1.1
- Oracle Policy Automation Mobile Devices Version 12.2.0
- Oracle Policy Automation Mobile Devices Version 12.2.1
- Oracle Policy Automation Mobile Devices Version 12.2.2
- Oracle Policy Automation Mobile Devices Version 12.2.3
- Oracle Policy Automation Mobile Devices Version 12.2.4
- Oracle Policy Automation Mobile Devices Version 12.2.5
- Oracle Policy Automation Mobile Devices Version 12.2.6
- Oracle Policy Automation Mobile Devices Version 12.2.7
- Oracle Policy Automation Mobile Devices Version 12.2.8
- Oracle Policy Automation Mobile Devices Version 12.2.9
- Oracle Policy Automation Mobile Devices Version 12.2.10
- Oracle Primavera Gateway Version 16.2.0 through 16.2.11
- Oracle Primavera Gateway Version 17.12.0 through 17.12.7
- Oracle Rapid Planning Version 12.1
- Oracle Rapid Planning Version 12.2
- Oracle Retail Advanced Inventory Planning Version 14.0
- Oracle Retail Advanced Inventory Planning Version 15.0
- Oracle Retail Clearance Optimization Engine Version 14.0.5
- Oracle Retail Extract Transform Load Version 13.0
- Oracle Retail Extract Transform Load Version 13.1
- Oracle Retail Extract Transform Load Version 13.2
- Oracle Retail Extract Transform Load Version 19.0
- Oracle Retail Integration Bus Version 14.0.0
- Oracle Retail Integration Bus Version 14.1.0
- Oracle Retail Integration Bus Version 15.0
- Oracle Retail Integration Bus Version 16.0
- Oracle Retail Open Commerce Platform Version 5.3.0
- Oracle Retail Open Commerce Platform Version 6.0.0
- Oracle Retail Open Commerce Platform Version 6.0.1
- Oracle Retail Predictive Application Server Version 15.0.3
- Oracle Retail Service Backbone Version 14.1
- Oracle Retail Service Backbone Version 15.0
- Oracle Retail Service Backbone Version 16.0
- Oracle Siebel Ui Framework Version 18.7
- Oracle Siebel Ui Framework Version 18.8
- Oracle Siebel Ui Framework Version 18.9
- Oracle Soa Suite Version 12.1.3.0.0
- Oracle Soa Suite Version 12.2.1.3.0
- Oracle Soa Suite Version 12.2.2.0.0
- Oracle Tape Library Acsls Version 8.4
- Oracle Timesten In Memory Database Version 11.2.2.8.49
- Oracle Utilities Advanced Spatial Operational Analytics Version 2.7.0.1
- Oracle Utilities Work Asset Management Version 1.9.1.2.12
- Oracle Weblogic Server Version 10.3.6.0.0
- Oracle Weblogic Server Version 12.1.3.0.0
- Oracle Weblogic Server Version 12.2.1.3.0
- Oracle Weblogic Server Version 12.2.1.4.0
- Oracle Weblogic Server Version 14.1.1.0.0