|Check Point Reference:||CPAI-2020-1346|
|Date Published:||27 Dec 2020|
|Last Updated:||7 Feb 2021|
|Protection Provided by:||
|Who is Vulnerable?||FasterXML jackson-databind 2.x prior to 126.96.36.199|
|Vulnerability Description||FasterXML jackson-databind is a java library that contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor, under the right conditions, exploit Java applications performing unsafe deserialization of objects. Successful exploitation of unsafe deserialization objects could lead to remote code or command execution abilities, or may obtain sensitive information.|
This protection detects attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Web Client Enforcement Violation.
Attack Information: FasterXML jackson-databind Remote Code Execution