Vulnerability Note VU#586503
Chef Manage deserializes cookie data insecurely
The Chef Manage add-on, version 1.11.4 and earlier, deserializes cookie data insecurely, which may be leveraged to gain unauthenticated remote code execution.
CWE-502: Deserialization of Untrusted Data - CVE-2016-4326
Chef with the Chef Manage (previously known as 'opscode-manage') add-on enabled deserializes user-provided cookie data without properly validating it first. An unauthenticated attacker can provide specially crafted cookie data that, when deserialized, results in the execution of arbitrary code with the web server's privileges.
A remote, unauthenticated attacker can provide specially crafted cookie data that, when deserialized, will execute arbitrary code with the privileges of the web server.
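The weakness described above is a pattern rather than a single bug: a session cookie is handed to a native object deserializer before anything checks that the server issued it, so the client decides which classes get instantiated. The following Ruby example is added here to illustrate that pattern and its fix; it is not code from Chef Manage or from the advisory, and the hypothetical `UnexpectedObject` class, the constructed `SECRET`, and the `--` payload/tag separator are all assumptions made for the demonstration. The unsafe loader reconstructs whatever object graph the cookie encodes; the hardened loader first verifies an HMAC over the cookie so only server-issued values are accepted, and then parses the payload as JSON, which can only yield strings, numbers, arrays and hashes even if the signing key were ever lost.

```ruby
require 'json'
require 'openssl'

# Constructed secret for this example only; a real application loads
# its signing key from configuration, never from source.
SECRET = 'example-secret-do-not-use'.freeze

# Harmless stand-in for "any class the cookie author chooses": the
# session code only ever expects a Hash, yet Marshal rebuilds this too.
class UnexpectedObject
  attr_reader :note
  def initialize(note)
    @note = note
  end
end

# VULNERABLE: the cookie bytes go straight into Marshal.load. Nothing
# checks who produced them, and Marshal will instantiate any class
# named in the stream.
def unsafe_load_session(cookie_value)
  Marshal.load(cookie_value.unpack1('m0'))
end

# Constant-time comparison so a tag guess cannot be confirmed byte by byte.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# HARDENED, step 1: every cookie the server issues carries an HMAC tag.
def sign_session(session_hash)
  payload = [JSON.generate(session_hash)].pack('m0')
  tag = OpenSSL::HMAC.hexdigest('SHA256', SECRET, payload)
  "#{payload}--#{tag}"
end

# HARDENED, step 2: verify the tag before touching the payload, then
# parse with JSON rather than Marshal. Returns nil for anything that was
# not issued by this server or does not decode cleanly.
def verify_session(cookie_value)
  payload, tag = cookie_value.to_s.split('--', 2)
  return nil if payload.nil? || tag.nil?
  expected = OpenSSL::HMAC.hexdigest('SHA256', SECRET, payload)
  return nil unless secure_equal?(tag, expected)
  JSON.parse(payload.unpack1('m0'))
rescue ArgumentError, JSON::ParserError
  nil
end

# Demonstration: a cookie that names a class the session code never meant
# to build is accepted by the unsafe loader, while the same idea is
# impossible against the hardened one (no valid tag, and JSON has no
# notion of application classes).
def forged_cookie
  [Marshal.dump(UnexpectedObject.new('not a session hash'))].pack('m0')
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe loader produced: #{unsafe_load_session(forged_cookie).class}"
  puts "hardened loader produced: #{verify_session(forged_cookie).inspect}"
  good = sign_session('user_id' => 42)
  puts "hardened loader on a server-issued cookie: #{verify_session(good).inspect}"
end
```

Two properties matter in the hardened path, and they are independent: the HMAC check stops unauthenticated clients from getting any deserializer to run on their input at all, and the JSON serializer bounds what deserialization can produce if the check is ever bypassed or the key leaks. Rails applications, which Chef Manage is built on, get both when the cookie store is configured with a secret and the JSON cookie serializer.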
Apply an update
Vendor Information

Vendor        | Status   | Date Notified | Date Updated
Chef Software | Affected | 29 Mar 2016   | 13 May 2016
CVSS Metrics
Thanks to Henrik Ferdinand Nölscher of Code-White GmbH for reporting this vulnerability.
This document was written by Joel Land.
- CVE IDs: CVE-2016-4326
- Date Public: 17 May 2016
- Date First Published: 17 May 2016
- Date Last Updated: 17 May 2016
- Document Revision: 16