PT-2017-3933 · Qos.Ch · Logback

Published

2017-03-13

·

Updated

2026-05-15

·

CVE-2017-5929

CVSS v2.0

10

Critical

Vector AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: QOS.ch Logback versions prior to 1.2.0
Description: Deserialization of untrusted data in the SocketServer and ServerSocketReceiver components. The RemoteStreamAppenderClient class in logback-classic and the SocketNode classes in logback-classic and logback-access read objects from a Java Socket through an ObjectInputStream without restricting which classes may be resolved, so any serializable class on the receiver's classpath can be instantiated by the sender. A remote, unauthenticated attacker who can reach the listening port can send a crafted serialized object graph (a gadget chain) that executes arbitrary code with the privileges of the logging process when it is deserialized.
Recommendations: Update Logback to version 1.2.0 or later; that release restricts deserialization in the affected components to an allowlist of the event classes the receiver expects. Until the upgrade is in place, do not expose the SocketServer or ServerSocketReceiver listener beyond the hosts that need to send events to it (firewall the port or bind it to a trusted interface), and do not read serialized objects from an untrusted source with an unrestricted ObjectInputStream anywhere in the application.
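The following is an added illustration, not code from Logback or from this advisory. It reproduces the unsafe pattern described above (an unrestricted ObjectInputStream reading whatever the peer sends) next to a hardened receiver that rejects any class not on an explicit allowlist inside resolveClass, which is the same idea Logback 1.2.0 applied in its hardened input stream. The class names LogEventVO and Gadget, the allowlist, and the in-memory byte arrays standing in for socket traffic are all constructed for the demo; the Gadget's readObject only prints a line, where a real gadget chain would run attacker-chosen code.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.ObjectStreamClass;
import java.io.Serializable;
import java.util.Set;

public class DeserializationDemo {

    // Stand-in for the event class a receiver legitimately expects (constructed for this demo).
    public static final class LogEventVO implements Serializable {
        private static final long serialVersionUID = 1L;
        final String message;
        LogEventVO(String message) { this.message = message; }
    }

    // Stand-in for a class the sender wants instantiated on the receiver. Its readObject
    // only prints; in a real attack this is where a gadget chain executes arbitrary code.
    public static final class Gadget implements Serializable {
        private static final long serialVersionUID = 1L;
        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
            in.defaultReadObject();
            System.out.println("  !! Gadget.readObject ran: sender-controlled code executed");
        }
    }

    // VULNERABLE: the pattern the advisory describes. resolveClass is never restricted,
    // so every serializable class on the classpath can be instantiated by the peer.
    static Object readUnfiltered(byte[] wire) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(wire))) {
            return in.readObject();
        }
    }

    // HARDENED: the allowlist is checked in resolveClass, i.e. before any instance of the
    // incoming class exists and before any readObject hook can run.
    static final class AllowlistObjectInputStream extends ObjectInputStream {
        private final Set<String> allowed;

        AllowlistObjectInputStream(InputStream in, Set<String> allowed) throws IOException {
            super(in);
            this.allowed = allowed;
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc)
                throws IOException, ClassNotFoundException {
            if (!allowed.contains(desc.getName())) {
                throw new InvalidClassException(desc.getName(), "class not on the receiver's allowlist");
            }
            return super.resolveClass(desc);
        }
    }

    static Object readFiltered(byte[] wire, Set<String> allowed) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new AllowlistObjectInputStream(new ByteArrayInputStream(wire), allowed)) {
            return in.readObject();
        }
    }

    // Produces the bytes a peer would push over the socket (here kept in memory).
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] legit = serialize(new LogEventVO("hello"));
        byte[] hostile = serialize(new Gadget());
        Set<String> allowed = Set.of(LogEventVO.class.getName());

        System.out.println("unfiltered, legit:   " + ((LogEventVO) readUnfiltered(legit)).message);
        System.out.println("unfiltered, hostile:");
        readUnfiltered(hostile);   // Gadget.readObject runs: this is the CVE-2017-5929 condition

        System.out.println("filtered, legit:     " + ((LogEventVO) readFiltered(legit, allowed)).message);
        System.out.println("filtered, hostile:");
        try {
            readFiltered(hostile, allowed);
        } catch (InvalidClassException e) {
            System.out.println("  rejected before instantiation: " + e.getMessage());
        }
    }
}
```

Two practical notes. The allowlist must name every class that appears as a class descriptor in the expected object graph (java.lang.String values are written as TC_STRING records and never pass through resolveClass, which is why the demo's allowlist needs only LogEventVO); run the receiver against real traffic before deploying a list. On Java 9 and later (and 8u121+), the same restriction can be applied without subclassing by calling setObjectInputFilter on the stream with a pattern such as "com.example.LogEventVO;!*", which additionally lets you cap graph depth and array sizes.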

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

BDU:2020-01666
CVE-2017-5929
DLA-888-1
GHSA-VMFG-RJJM-RJRJ
MGASA-2019-0079
RHSA-2018:2927
SUSE-SU-2021:2554-1

Affected Products

Logback