CVE-2019-16943 : Security Advisory and Response

CVE-2019-16943 lets an attacker who can reach a JSON endpoint of an application built on FasterXML jackson-databind 2.0.0 through 2.9.10 execute a malicious payload on the server, provided Default Typing is enabled and the p6spy jar is on the classpath. This page covers the impact, affected versions, the conditions an attacker needs, and mitigation steps.

CVE-2019-16943 is a Polymorphic Typing issue in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (globally or for a specific property) on a JSON endpoint exposed to untrusted callers, and the p6spy (3.8.6) jar is on the classpath, an attacker who can get the service to talk to an RMI service endpoint can make it execute a malicious payload. The root cause is the mishandling of com.p6spy.engine.spy.P6DataSource: jackson-databind did not recognise the class as a deserialization gadget, so attacker-supplied JSON could instantiate it and set its properties.

Understanding CVE-2019-16943

This CVE is one of a series of jackson-databind gadget issues from 2019 in which the library's class-name blocklist lacked an entry for a class that, once deserialized from untrusted JSON, triggers dangerous behaviour. Here that class comes from the p6spy JDBC logging library.

What is CVE-2019-16943?

CVE-2019-16943 is a Polymorphic Typing vulnerability in FasterXML jackson-databind 2.0.0 through 2.9.10. Polymorphic (Default) Typing lets the JSON document name the concrete Java class to instantiate via a type id such as "@class"; when that document comes from an untrusted source, every class on the classpath that is not explicitly blocked becomes a candidate gadget. com.p6spy.engine.spy.P6DataSource was one such unblocked class.

The Impact of CVE-2019-16943

        Remote code execution on the server that deserializes the attacker's JSON: the payload is delivered through an RMI service endpoint the deserialized object is made to contact.
        The vulnerability stems from mishandling com.p6spy.engine.spy.P6DataSource, which jackson-databind allowed to be instantiated from untrusted type ids.
        No authentication beyond the ability to submit JSON to the endpoint is required, so the severity is driven by how exposed that endpoint is.

Technical Details of CVE-2019-16943

This section provides more technical insights into the CVE.

Vulnerability Description

With Default Typing on, attacker-controlled JSON can select com.p6spy.engine.spy.P6DataSource as the target class and populate its bean properties. P6DataSource resolves the real data source it wraps through a JNDI lookup of a name the attacker now controls; when that name points at an RMI service endpoint the attacker can reach, the lookup fetches and instantiates attacker-supplied objects, which is the code-execution step. The library fix did not change p6spy; it added the class to jackson-databind's list of types that must never be resolved from a type id.

Affected Systems and Versions

        FasterXML jackson-databind versions 2.0.0 through 2.9.10 (inclusive); the fix shipped in 2.9.10.1.
        Only deployments that enable Default Typing (or per-property type ids based on class names) on input from untrusted sources are exploitable, but any application bundling p6spy 3.8.6 alongside an affected jackson-databind should be treated as in scope until the configuration has been audited.

Exploitation Mechanism

        Default Typing is enabled (globally on the ObjectMapper or for a specific property) on a JSON endpoint that accepts input from external sources
        The p6spy (3.8.6) jar is present on the application's classpath
        The attacker can reach that endpoint with crafted JSON naming com.p6spy.engine.spy.P6DataSource as the type id
        The deserialized object can connect to an RMI service endpoint from which the attacker's payload is served

Mitigation and Prevention

Protect your systems from CVE-2019-16943 with these strategies.

Immediate Steps to Take

        Disable Default Typing for endpoints that accept untrusted JSON; if polymorphic input is genuinely required, move to jackson-databind 2.10 or later and activate it only with a PolymorphicTypeValidator that allowlists your own classes
        Remove the p6spy (3.8.6) jar from the classpath if it is not needed, keeping in mind that this removes one gadget, not the underlying exposure
        Restrict the application's outbound network access so a JNDI lookup cannot reach an attacker-controlled RMI service, and do not expose RMI registries to untrusted networks; modern JDKs also disable remote codebase loading over RMI by default (com.sun.jndi.rmi.object.trustURLCodebase=false), which raises the bar but is not a substitute for the library fix
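The configuration the Exploitation Mechanism section warns about, beside the two hardened forms recommended in the steps above, as an added example that is not code from this advisory or from FasterXML. The Event and SafeEvent beans, the com.example.events package name and the JSON inputs are constructed for illustration; the jackson-databind calls are the real API (the 2.9 enableDefaultTyping for the vulnerable form, the 2.10+ activateDefaultTyping and BasicPolymorphicTypeValidator for the fix). A harmless java.util.HashMap stands in for the gadget class so the demonstration is safe to run.

```java
import com.fasterxml.jackson.annotation.JsonSubTypes;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;

/**
 * Added example, not code from this advisory or from FasterXML. The beans, the
 * "com.example.events" package and the JSON inputs are constructed here.
 */
public class DefaultTypingDemo {

    // An Object-typed property: once Default Typing is on, the party sending the
    // JSON chooses the concrete class through the "@class" type id.
    public static class Event {
        public String name;
        public Object payload;
    }

    // Constructed input. A real attacker would name a gadget class such as the one
    // this advisory covers; java.util.HashMap is enough to show that the class is
    // picked by the sender rather than by the application.
    static final String INPUT =
        "{\"name\":\"probe\",\"payload\":{\"@class\":\"java.util.HashMap\",\"k\":\"v\"}}";

    // VULNERABLE (2.9.x API): global Default Typing with no validator. Any class on
    // the classpath that is not on jackson's built-in blocklist can be instantiated
    // and have its setters driven from untrusted JSON. Deprecated since 2.10.
    static Object readWithDefaultTyping() throws Exception {
        ObjectMapper mapper = new ObjectMapper();
        mapper.enableDefaultTyping(ObjectMapper.DefaultTyping.OBJECT_AND_NON_CONCRETE,
                                   JsonTypeInfo.As.PROPERTY);
        return mapper.readValue(INPUT, Event.class).payload; // a java.util.HashMap
    }

    // HARDENED, option 1 (2.10+): keep polymorphic typing, but only for subtypes under
    // a package you own. Anything else is refused before the class is loaded, so an
    // unexpected gadget jar on the classpath no longer matters.
    static Object readWithValidator() throws Exception {
        PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
            .allowIfSubType("com.example.events.") // assumed application package
            .build();
        ObjectMapper mapper = new ObjectMapper().activateDefaultTyping(
            ptv, ObjectMapper.DefaultTyping.OBJECT_AND_NON_CONCRETE, JsonTypeInfo.As.PROPERTY);
        return mapper.readValue(INPUT, Event.class).payload; // throws: HashMap not allowed
    }

    // HARDENED, option 2 (any version): no Default Typing at all. Polymorphism uses
    // logical names resolved against a closed list of subtypes, so no class name ever
    // comes from the wire, and the property type is an interface rather than Object.
    @JsonTypeInfo(use = JsonTypeInfo.Id.NAME, property = "type")
    @JsonSubTypes({ @JsonSubTypes.Type(value = Login.class, name = "login") })
    public interface Payload { }

    public static class Login implements Payload {
        public String user;
    }

    public static class SafeEvent {
        public String name;
        public Payload payload;
    }

    static Payload readWithNamedSubtypes(String json) throws Exception {
        return new ObjectMapper().readValue(json, SafeEvent.class).payload;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("default typing accepted: " + readWithDefaultTyping().getClass());
        try {
            readWithValidator();
        } catch (JsonMappingException ex) {
            System.out.println("validator refused: " + ex.getOriginalMessage());
        }
        System.out.println("named subtype: " + readWithNamedSubtypes(
            "{\"name\":\"probe\",\"payload\":{\"type\":\"login\",\"user\":\"alice\"}}").getClass());
        try {
            readWithNamedSubtypes("{\"name\":\"probe\",\"payload\":{\"type\":\"java.util.HashMap\"}}");
        } catch (JsonMappingException ex) {
            System.out.println("unknown type name refused: " + ex.getOriginalMessage());
        }
    }
}
```

Option 2 is the one to prefer when the set of payload types is known: the blocklist that 2.9.10.1 extended for this CVE is reactive by design, and a validator allowlist or named subtypes remove the dependence on it entirely. Note that a per-property @JsonTypeInfo(use = Id.CLASS) on an Object-typed field carries the same risk as global Default Typing.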

Long-Term Security Practices

        Keep jackson-databind and other deserialization libraries current, and track their advisories; gadget-class blocklist updates are frequent
        Audit direct and transitive dependencies for libraries known to supply gadgets (JDBC data sources and connection pools are a recurring source) and remove what is not needed
        Conduct security audits and penetration testing that specifically exercise JSON endpoints with type ids
        Train developers to treat class names in input as untrusted and to avoid Object-typed properties on externally facing models

Patching and Updates

        Upgrade to jackson-databind 2.9.10.1 or later, which adds com.p6spy.engine.spy.P6DataSource to the blocklist; the 2.10 line goes further by requiring a PolymorphicTypeValidator for the supported Default Typing API, so prefer it where the upgrade is feasible.
        Verify the deployed version after patching (for example by inspecting the jar name in the classpath or the artifact in the build's dependency report), since a stale transitive dependency can shadow the intended upgrade.
