module
ForgeRock / OpenAM Jato Java Deserialization
| Disclosed | Created |
|---|---|
| 2021-06-29 | 2021-07-10 |
Disclosed
2021-06-29
Created
2021-07-10
Description
This module leverages a pre-authentication remote code execution vulnerability in the OpenAM identity and
access management solution. The vulnerability arises from a Java deserialization flaw in OpenAM’s
implementation of the Jato framework and can be triggered by a simple one-line GET or POST request to a
vulnerable endpoint. Successful exploitation yields code execution on the target system as the service user.
This vulnerability also affects the ForgeRock identity platform which is built on top of OpenAM and is thus
is susceptible to the same issue.
access management solution. The vulnerability arises from a Java deserialization flaw in OpenAM’s
implementation of the Jato framework and can be triggered by a simple one-line GET or POST request to a
vulnerable endpoint. Successful exploitation yields code execution on the target system as the service user.
This vulnerability also affects the ForgeRock identity platform which is built on top of OpenAM and is thus
is susceptible to the same issue.
Authors
Michael Stepankin
bwatters-r7
Spencer McIntyre
jheysel-r7
bwatters-r7
Spencer McIntyre
jheysel-r7
Platform
Linux,Unix
Architectures
cmd, x86, x64
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.