CVE-2017-12149: Red Hat JBoss Application Server Remote Code Execution
Red Hat JBoss Application Server Remote Code Execution Vulnerability. The JBoss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data.
- CISA KEV-listed (remediation due 2022-06-10)
- used in ransomware campaigns
- EPSS 94.3% (99.9% percentile)