CVE-2021-21349 Overview
CVE-2021-21349 is a Server-Side Request Forgery (SSRF) vulnerability affecting XStream, a widely-used Java library for serializing objects to XML and back. This vulnerability allows remote attackers to manipulate the processed input stream to request data from internal resources that are not publicly accessible. The flaw exists in XStream versions prior to 1.4.16 and impacts organizations relying on XStream's default blacklist security configuration rather than implementing a whitelist-based approach.
The vulnerability arises from insufficient input validation during deserialization, enabling attackers to craft malicious XML payloads that trigger requests to internal network resources. This can lead to unauthorized access to sensitive internal services, metadata endpoints, and other backend systems that should not be externally reachable.
Critical Impact
Remote attackers can access internal resources and sensitive data from non-public network services by exploiting the SSRF vulnerability in XStream's deserialization process.
Affected Products
- XStream versions prior to 1.4.16
- Apache ActiveMQ (versions 5.16.0, 5.16.1 and earlier)
- Apache JMeter (affected versions)
- NetApp OnCommand Insight
- Oracle Java SE (7u321, 8u311)
- Oracle GraalVM Enterprise (20.3.4, 21.3.0)
- Oracle Banking Platform (2.4.0, 2.7.1, 2.9.0, 2.12.0)
- Oracle Communications Unified Inventory Management (7.3.2 - 7.4.1)
- Oracle WebCenter Portal (11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0)
- Debian Linux (9.0, 10.0, 11.0)
- Fedora (33, 34, 35)
Discovery Timeline
- 2021-03-23 - CVE-2021-21349 published to NVD
- 2025-05-23 - Last updated in NVD database
Technical Details for CVE-2021-21349
Vulnerability Analysis
This vulnerability is classified under CWE-502 (Deserialization of Untrusted Data) and CWE-918 (Server-Side Request Forgery). The flaw exploits XStream's deserialization mechanism, which can be abused when processing untrusted XML input. The attack is network-accessible, requires no authentication or user interaction, and can impact resources beyond the vulnerable component's security scope.
The vulnerability specifically allows attackers to bypass XStream's default blacklist-based security controls. While XStream provides a security framework, organizations using the default configuration rather than implementing strict type whitelisting remain vulnerable to this attack vector.
Root Cause
The root cause lies in XStream's approach to security through blacklisting rather than whitelisting. Up to 1.4.17 the library's default security framework used a blacklist of known dangerous classes (1.4.18 switched the default to a whitelist). A blacklist can only name gadgets that are already known, and new gadget chains were found that are not on the list, allowing attackers to construct XML payloads that trigger SSRF attacks during deserialization.
When XStream processes a maliciously crafted XML document, it reconstructs whatever types the document names. With only a blacklist in force, any JDK or classpath type not on the list can be instantiated, including types whose construction or custom deserialization opens a connection to a URL taken from the payload, such as an internal network address. The deserialization process does not otherwise restrict which types are reconstructed or what side effects their reconstruction has.
Attack Vector
The attack is executed remotely over the network by submitting specially crafted XML data to an application that uses XStream for deserialization. The attacker does not need any authentication or privileges, and no user interaction is required for exploitation.
An attacker constructs an XML payload containing serialized object references that, when deserialized by XStream, trigger HTTP requests to internal resources. These requests can target cloud metadata services (such as http://169.254.169.254/), internal APIs, database servers, or other sensitive backend services.
The attack flow involves:
- Identifying an application endpoint that accepts and deserializes XML using XStream
- Crafting an XML payload with serialized objects designed to trigger outbound requests
- Submitting the payload to the vulnerable endpoint
- XStream deserializes the payload, causing the server to make requests to attacker-specified internal URLs
- Response data from internal services may be exfiltrated or used for further attacks
For detailed technical information about the exploitation technique, refer to the GitHub Security Advisory and the X-Stream CVE-2021-21349 Details.
Detection Methods for CVE-2021-21349
Indicators of Compromise
- Unusual outbound HTTP/HTTPS connections from application servers to internal IP ranges (the RFC 1918 blocks 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) or to loopback and link-local addresses
- Requests to cloud metadata endpoints (169.254.169.254) from unexpected services
- Anomalous XML payloads in application logs containing suspicious class references
- Unexpected network traffic to internal services from Java-based applications using XStream
Detection Strategies
- Monitor application endpoints that accept XML input for suspicious serialization patterns
- Implement network monitoring to detect SSRF attempts targeting internal resources
- Deploy web application firewalls (WAF) with rules to detect XStream exploitation attempts
- Analyze Java application logs for deserialization exceptions related to blocked types: when XStream's security framework refuses a type it throws com.thoughtworks.xstream.security.ForbiddenClassException (wrapped in a ConversionException when the refused type is nested inside an element rather than at the root)
Monitoring Recommendations
- Log ForbiddenClassException at the application layer; XStream has no separate security event log, so the rejected type name in the exception message is the record of the attempt. Also search startup logs for the warning "Security framework of XStream not explicitly initialized, using predefined black list on your own risk", which XStream 1.4.10 through 1.4.17 print when an instance is running on the default blacklist
- Configure network intrusion detection systems to alert on internal network scanning from application servers
- Monitor DNS queries for internal hostname resolution from externally-facing applications
- Implement egress filtering and log all outbound connections from vulnerable application tiers
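A small scanner for the indicators listed above, added here as an example (it is not code from the page or from the XStream project): it reads constructed egress-log lines, labels each destination against the cloud metadata address and the link-local, loopback and RFC 1918 ranges, and suppresses an assumed allow-list of known-good internal flows so that an application's own database traffic does not page the on-call. The log format, hostnames, addresses and the allow-list are all constructed for the example.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

public class EgressIocScanner {

    // Constructed egress log, one outbound connection per line:
    // "<timestamp> <source-host> -> <dest-ip>:<port>" (the format is an assumption, not a real product's).
    static final String[] SAMPLE_LOG = {
        "2021-03-24T10:00:01Z app-01 -> 93.184.216.34:443",
        "2021-03-24T10:00:02Z app-01 -> 169.254.169.254:80",
        "2021-03-24T10:00:03Z app-01 -> 10.0.5.12:5432",
        "2021-03-24T10:00:04Z app-01 -> 172.31.4.9:8080",
        "2021-03-24T10:00:05Z app-01 -> 172.32.0.1:80",
        "2021-03-24T10:00:06Z app-01 -> 127.0.0.1:8081"
    };

    // Known-good internal flows for this tier (assumption: the application's own database).
    // Baseline these per deployment; any other internal destination is worth a look.
    static final Set<String> EXPECTED_INTERNAL = new HashSet<>(Arrays.asList("10.0.5.12:5432"));

    // Parse a dotted-quad IPv4 address into an unsigned 32-bit value held in a long.
    static long ipv4(String dotted) {
        String[] octets = dotted.split("\\.");
        if (octets.length != 4) throw new IllegalArgumentException("not IPv4: " + dotted);
        long value = 0;
        for (String o : octets) {
            int n = Integer.parseInt(o);
            if (n < 0 || n > 255) throw new IllegalArgumentException("bad octet: " + dotted);
            value = (value << 8) | n;
        }
        return value;
    }

    // CIDR membership test; the mask is derived from the prefix length.
    static boolean inCidr(long addr, String cidr) {
        String[] parts = cidr.split("/");
        long network = ipv4(parts[0]);
        int prefix = Integer.parseInt(parts[1]);
        long mask = prefix == 0 ? 0L : (0xFFFFFFFFL << (32 - prefix)) & 0xFFFFFFFFL;
        return (addr & mask) == (network & mask);
    }

    // Label a destination that matches one of the indicators, or return null if it is benign.
    static String classify(String destIp) {
        long a = ipv4(destIp);
        if (a == ipv4("169.254.169.254")) return "cloud-metadata";
        if (inCidr(a, "169.254.0.0/16")) return "link-local";
        if (inCidr(a, "127.0.0.0/8")) return "loopback";
        if (inCidr(a, "10.0.0.0/8") || inCidr(a, "172.16.0.0/12") || inCidr(a, "192.168.0.0/16")) {
            return "rfc1918";
        }
        return null;
    }

    // Return one alert string per suspicious connection record.
    static List<String> scan(String[] lines) {
        List<String> alerts = new ArrayList<>();
        for (String line : lines) {
            int arrow = line.indexOf("->");
            if (arrow < 0) continue;                        // not a connection record
            String dest = line.substring(arrow + 2).trim(); // "ip:port"
            if (EXPECTED_INTERNAL.contains(dest)) continue; // baselined flow
            String destIp = dest.substring(0, dest.lastIndexOf(':'));
            String label = classify(destIp);
            if (label != null) alerts.add(label + "\t" + line);
        }
        return alerts;
    }

    public static void main(String[] args) {
        for (String alert : scan(SAMPLE_LOG)) {
            System.out.println("ALERT " + alert);
        }
    }
}
```

The 172.32.0.1 record is included deliberately: it sits just outside 172.16.0.0/12, so a scanner that treated "172.16.x.x" as the whole private block would both miss 172.17 through 172.31 and over-match nothing here; the CIDR test gets the boundary right. In production the allow-list would be generated from the tier's service dependencies rather than typed by hand.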
How to Mitigate CVE-2021-21349
Immediate Actions Required
- Upgrade XStream to version 1.4.16 or later immediately
- Implement XStream's security framework with a strict whitelist of allowed types
- Audit all applications using XStream to identify vulnerable deployments
- Review and restrict network egress from application servers to minimize SSRF impact
Patch Information
The vulnerability is resolved in XStream version 1.4.16 and later, which extend the default blacklist to cover this gadget chain. Because a blacklist only covers gadgets already known, XStream 1.4.18 and later switch the default to a whitelist; organizations should update to the latest available version of XStream and still configure an explicit allow-list. For detailed release notes, see the X-Stream Release Changes.
Multiple vendors have released patches addressing this vulnerability:
- Oracle addressed this issue in the January 2022 CPU Advisory, October 2021 CPU Advisory, and July 2021 CPU Advisory
- Debian released security updates via DSA-5004 and the LTS Security Announcement
- NetApp published guidance in their Security Advisory
- Fedora released updated packages for Fedora 33, 34, and 35
Workarounds
- Configure XStream's security framework with a whitelist limited to the minimal required types for your application
- Permit only the types the application needs with XStream's allowTypes(), allowTypesByWildcard() and allowTypeHierarchy() methods, and explicitly block classes that must never be deserialized with denyTypes() and denyTypeHierarchy()
- Implement network segmentation to limit the impact of SSRF attacks on internal resources
- Deploy input validation at the application layer to reject malformed or suspicious XML payloads
// Example XStream security configuration (Java)
// Configure whitelist-based security framework
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;
import java.util.Collection;

XStream xstream = new XStream();
xstream.addPermission(NoTypePermission.NONE);              // clear all permissions, including the default blacklist
xstream.addPermission(NullPermission.NULL);                // allow null
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES); // allow primitives and their wrapper types
xstream.allowTypeHierarchy(Collection.class);              // allow collections only if the application needs them
xstream.allowTypes(new Class[] { YourAllowedClass.class }); // replace with the application's own types
For comprehensive workaround guidance, refer to the X-Stream Security Workarounds documentation.
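The following is an added example, not code from the page or from the XStream project, that puts the whitelist configuration into a complete program together with the check a practitioner should run against it: a legitimate object round-trips, and a payload naming a type outside the allow-list is refused before any constructor or converter runs. The OrderRequest class, the "order" alias and the hostile payload are assumptions made for the example; the XStream calls (addPermission, allowTypes, allowTypeHierarchy, ForbiddenClassException) are the library's real 1.4.x API. The rejected payload is a stand-in that names one JDK type, not the CVE-2021-21349 gadget chain.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.security.ForbiddenClassException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

import java.util.Collection;

public class XStreamWhitelistDemo {

    // Illustrative application type (assumption): the only object this endpoint should ever deserialize.
    public static class OrderRequest {
        public String orderId;
        public int quantity;
    }

    // Build an XStream instance that starts from "deny everything" and opens only what the
    // application needs. This is the workaround for deployments that cannot upgrade immediately,
    // and it remains the right configuration on 1.4.16 and later.
    public static XStream hardenedXStream() {
        XStream xstream = new XStream();
        xstream.addPermission(NoTypePermission.NONE);              // clears every permission, including the default blacklist
        xstream.addPermission(NullPermission.NULL);                // allow null
        xstream.addPermission(PrimitiveTypePermission.PRIMITIVES); // allow primitives and their wrapper types
        xstream.allowTypes(new Class[] { String.class, OrderRequest.class }); // String is not a primitive and must be listed
        xstream.allowTypeHierarchy(Collection.class);              // only if lists or sets are genuinely needed
        xstream.alias("order", OrderRequest.class);
        return xstream;
    }

    public static void main(String[] args) {
        XStream xstream = hardenedXStream();

        // 1. Legitimate traffic still works: marshal and unmarshal the allowed type.
        OrderRequest in = new OrderRequest();
        in.orderId = "A-100";
        in.quantity = 3;
        String xml = xstream.toXML(in);
        OrderRequest back = (OrderRequest) xstream.fromXML(xml);
        System.out.println("round-trip ok: " + back.orderId + " x" + back.quantity);

        // 2. Constructed payload (assumption): the root element names a JDK type that is not on the
        //    allow-list. Under a blacklist-only configuration XStream would happily build a java.net.URL;
        //    under the whitelist the type lookup itself fails.
        String hostile = "<java.net.URL>http://169.254.169.254/latest/meta-data/</java.net.URL>";
        try {
            xstream.fromXML(hostile);
            System.out.println("UNEXPECTED: payload accepted, this instance is not whitelist-restricted");
        } catch (ForbiddenClassException e) {
            // Thrown directly for a refused root type; a refused type nested inside an element
            // arrives wrapped in a ConversionException whose cause is the ForbiddenClassException.
            System.out.println("rejected as expected: " + e.getMessage());
        }
    }
}
```

Run this once per XStream instance the application creates, not once per application: the security framework is per instance, and a second XStream built elsewhere in the code base with plain new XStream() on a pre-1.4.18 library is still on the blacklist regardless of how well this one is configured.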
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

