Is CVE-2020-26217 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 85%.

What products does CVE-2020-26217 affect?

Tracked products affected include ActiveMQ. Check the version you run to see whether it is affected.

How do I fix CVE-2020-26217?

Apply the vendor fix promptly. An official patch or advisory is available. Upgrade affected products to a fixed version.

← All products

CVE-2020-26217

Q: What is CVE-2020-26217?

CVE-2020-26217 is a high-severity software vulnerability (OS command injection) with a CVSS score of 8. XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affect

HIGH severity · CVSS 8 · OS command injection

8CVSS HIGH

Summary

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.

Impact & exploitability

Attack vectorNetwork

Attack complexityHigh

Privileges requiredLow

User interactionRequired

Confidentiality impactHigh

Integrity impactHigh

Availability impactHigh

Exploit probability (EPSS)85%

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Affected products we track (1)

ActiveMQ

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Official patch: https://github.com/x-stream/xstream/commit/0fec095d534126931c99fd38e9c6d41f5c685c1a ↗

CVE-2020-26217

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information