Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
40 vulnerabilities found for archiva by apache
CVE-2024-27138 (GCVE-0-2024-27138)
Vulnerability from cvelistv5 – Published: 2024-03-01 15:41 – Updated: 2025-02-13 17:41 Unsupported When Assigned
VLAI
Title
Apache Archiva: disabling user registration is not effective
Summary
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.
Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
|
| apache | archiva |
Affected:
2.0.0 , ≤ *
(semver)
cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/070qcpclcb3sqk1hn8j5lvzohp30k1m2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "archiva",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T20:35:32.425736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T20:39:03.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Florian Hauser, @frycos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eApache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.\n\nApache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:11:18.723Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/070qcpclcb3sqk1hn8j5lvzohp30k1m2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: disabling user registration is not effective",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27138",
"datePublished": "2024-03-01T15:41:12.677Z",
"dateReserved": "2024-02-20T15:31:32.266Z",
"dateUpdated": "2025-02-13T17:41:18.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27139 (GCVE-0-2024-27139)
Vulnerability from cvelistv5 – Published: 2024-03-01 15:40 – Updated: 2025-04-16 20:47 Unsupported When Assigned
VLAI
Title
Apache Archiva: incorrect authentication potentially leading to account takeover
Summary
** UNSUPPORTED WHEN ASSIGNED **
Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.
This issue affects Apache Archiva: from 2.0.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
|
| apache_software_foundation | apache_archiva |
Affected:
2.0.0 , ≤ *
(custom)
cpe:2.3:a:apache_software_foundation:apache_archiva:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_archiva:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apache_archiva",
"vendor": "apache_software_foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T15:21:13.533716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T20:47:27.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/qr8b7r86p1hkn0dc0q827s981kf1bgd8"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "1uHrm of cyberkl"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "** UNSUPPORTED WHEN ASSIGNED **\u003cbr\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eIncorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.\u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Archiva: from 2.0.0.\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED **\n\nIncorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.\n\nThis issue affects Apache Archiva: from 2.0.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:37.285Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/qr8b7r86p1hkn0dc0q827s981kf1bgd8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: incorrect authentication potentially leading to account takeover",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27139",
"datePublished": "2024-03-01T15:40:49.893Z",
"dateReserved": "2024-02-20T15:54:30.546Z",
"dateUpdated": "2025-04-16T20:47:27.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27140 (GCVE-0-2024-27140)
Vulnerability from cvelistv5 – Published: 2024-03-01 15:40 – Updated: 2025-02-13 17:41 Unsupported When Assigned
VLAI
Title
Apache Archiva: reflected XSS
Summary
** UNSUPPORTED WHEN ASSIGNED **
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Archiva.
This issue affects Apache Archiva: from 2.0.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/xrn6nt904ozh3jym60c3f5hj2fb75pjy"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:53:57.523304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:06:42.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "sandr0 / Sandro Bauer (sandr0.xyz)"
},
{
"lang": "en",
"type": "finder",
"value": "BTullis / Ben Tullis (wikimedia.org)"
},
{
"lang": "en",
"type": "finder",
"value": "sbassett / Scott Bassett (wikimedia.org)"
},
{
"lang": "en",
"type": "finder",
"value": "L0ne1y"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e** UNSUPPORTED WHEN ASSIGNED **\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache Archiva.\u003c/div\u003e\u003cp\u003eThis issue affects Apache Archiva: from 2.0.0.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED **\n\nImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache Archiva.\n\nThis issue affects Apache Archiva: from 2.0.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:11.011Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/xrn6nt904ozh3jym60c3f5hj2fb75pjy"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: reflected XSS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27140",
"datePublished": "2024-03-01T15:40:08.456Z",
"dateReserved": "2024-02-20T15:56:43.961Z",
"dateUpdated": "2025-02-13T17:41:19.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28158 (GCVE-0-2023-28158)
Vulnerability from cvelistv5 – Published: 2023-03-29 12:21 – Updated: 2025-02-13 16:45
VLAI
Title
Apache Archiva privilege escalation
Summary
Privilege escalation via stored XSS using the file upload service to upload malicious content.
The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0 , < 2.2.10
(maven)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:12:27.939865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:12:35.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.2.10",
"status": "affected",
"version": "2.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "sandr0 (sandr0.xyz)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation via stored XSS using the file upload service to upload malicious content.\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Privilege escalation via stored XSS using the file upload service to upload malicious content.\nThe issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T02:06:24.671Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Archiva privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-28158",
"datePublished": "2023-03-29T12:21:46.932Z",
"dateReserved": "2023-03-13T02:37:38.879Z",
"dateUpdated": "2025-02-13T16:45:40.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40309 (GCVE-0-2022-40309)
Vulnerability from cvelistv5 – Published: 2022-11-15 00:00 – Updated: 2025-04-30 16:02
VLAI
Title
Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories
Summary
Users with write permissions to a repository can delete arbitrary directories.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Arbitrary directory deletion
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
unspecified , ≤ 2.2.8
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/1odl4p85r96n27k577jk6ftrp19xfc27"
},
{
"name": "[oss-security] 20221115 CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T16:02:01.273540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T16:02:30.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "Users with write permissions to a repository can delete arbitrary directories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary directory deletion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/1odl4p85r96n27k577jk6ftrp19xfc27"
},
{
"name": "[oss-security] 20221115 CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-40309",
"datePublished": "2022-11-15T00:00:00.000Z",
"dateReserved": "2022-09-09T00:00:00.000Z",
"dateUpdated": "2025-04-30T16:02:30.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40308 (GCVE-0-2022-40308)
Vulnerability from cvelistv5 – Published: 2022-11-15 00:00 – Updated: 2025-04-30 16:03
VLAI
Title
Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files
Summary
If anonymous read enabled, it's possible to read the database file directly without logging in.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Arbitrary file read vulnerability
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
Apache Archiva , ≤ 2.2.8
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/x01pnn0jjsw512cscxsbxzrjmz64n4cc"
},
{
"name": "[oss-security] 20221115 CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T16:02:48.785683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T16:03:13.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.8",
"status": "affected",
"version": "Apache Archiva",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "If anonymous read enabled, it\u0027s possible to read the database file directly without logging in."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/x01pnn0jjsw512cscxsbxzrjmz64n4cc"
},
{
"name": "[oss-security] 20221115 CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-40308",
"datePublished": "2022-11-15T00:00:00.000Z",
"dateReserved": "2022-09-09T00:00:00.000Z",
"dateUpdated": "2025-04-30T16:03:13.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29405 (GCVE-0-2022-29405)
Vulnerability from cvelistv5 – Published: 2022-05-25 07:15 – Updated: 2024-08-03 06:17
VLAI
Title
Apache Archiva Arbitrary user password reset vulnerability
Summary
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8
Severity
No CVSS data available.
CWE
- Apache Archiva Arbitrary user password reset vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://archiva.apache.org/docs/2.2.8/release-not… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.2 , ≤ 2.2.7
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:17:55.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.7",
"status": "affected",
"version": "2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Archiva Arbitrary user password reset vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-25T07:15:11.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva Arbitrary user password reset vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29405",
"STATE": "PUBLIC",
"TITLE": "Apache Archiva Arbitrary user password reset vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.2",
"version_value": "2.2.7"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Archiva Arbitrary user password reset vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://archiva.apache.org/docs/2.2.8/release-notes.html",
"refsource": "MISC",
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-29405",
"datePublished": "2022-05-25T07:15:11.000Z",
"dateReserved": "2022-04-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:17:55.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9495 (GCVE-0-2020-9495)
Vulnerability from cvelistv5 – Published: 2020-06-19 18:59 – Updated: 2024-08-04 10:34
VLAI
Summary
Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://archiva.apache.org/security.html#CVE-2020-9495 | x_refsource_MISC |
| https://lists.apache.org/thread.html/r7ae580f700a… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2020/06/19/1 | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Apache Archiva |
Affected:
Apache Archiva 2.2.4 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Apache Archiva 2.2.4 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-20T01:06:11.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-9495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "Apache Archiva 2.2.4 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archiva.apache.org/security.html#CVE-2020-9495",
"refsource": "MISC",
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-9495",
"datePublished": "2020-06-19T18:59:20.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0214 (GCVE-0-2019-0214)
Vulnerability from cvelistv5 – Published: 2019-04-30 21:48 – Updated: 2024-08-04 17:44
VLAI
Summary
In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.
Severity
No CVSS data available.
CWE
- Arbitrary write/delete of files on the archiva server
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread.html/239349b6dd8f… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/5851cb0214f2… | mailing-listx_refsource_MLIST |
| https://seclists.org/bugtraq/2019/Apr/48 | mailing-listx_refsource_BUGTRAQ |
| http://www.openwall.com/lists/oss-security/2019/04/30/8 | mailing-listx_refsource_MLIST |
| http://packetstormsecurity.com/files/152684/Apach… | x_refsource_MISC |
| http://archiva.apache.org/security.html#CVE-2019-0214 | x_refsource_CONFIRM |
| https://lists.apache.org/thread.html/ada0052409d8… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/108124 | vdb-entryx_refsource_BID |
| https://lists.apache.org/thread.html/18b670afc2f8… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache | Apache Archiva |
Affected:
All versions prior to version 2.2.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 2.2.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary write/delete of files on the archiva server",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-02T16:06:04.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary write/delete of files on the archiva server"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda@%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"name": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"name": "http://archiva.apache.org/security.html#CVE-2019-0214",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0214",
"datePublished": "2019-04-30T21:48:54.000Z",
"dateReserved": "2018-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:44:14.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0213 (GCVE-0-2019-0213)
Vulnerability from cvelistv5 – Published: 2019-04-30 21:35 – Updated: 2024-08-04 17:44
VLAI
Summary
In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.
Severity
No CVSS data available.
CWE
- Stored XSS
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://seclists.org/bugtraq/2019/Apr/47 | mailing-listx_refsource_BUGTRAQ |
| https://lists.apache.org/thread.html/c358754a3547… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/0397ddbd17b5… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2019/04/30/7 | mailing-listx_refsource_MLIST |
| http://packetstormsecurity.com/files/152681/Apach… | x_refsource_MISC |
| http://archiva.apache.org/security.html#CVE-2019-0213 | x_refsource_MISC |
| https://lists.apache.org/thread.html/ada0052409d8… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/108123 | vdb-entryx_refsource_BID |
| https://lists.apache.org/thread.html/7bcea134c3d6… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache | Apache Archiva |
Affected:
All versions prior to version 2.2.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 2.2.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T19:58:29.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3@%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"name": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"name": "http://archiva.apache.org/security.html#CVE-2019-0213",
"refsource": "MISC",
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0213",
"datePublished": "2019-04-30T21:35:47.000Z",
"dateReserved": "2018-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:44:14.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5657 (GCVE-0-2017-5657)
Vulnerability from cvelistv5 – Published: 2017-05-22 18:00 – Updated: 2024-08-05 15:11
VLAI
Summary
Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights).
Severity
No CVSS data available.
CWE
- Apache Archiva CSRF vulnerabilities for various REST endpoints
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://archiva.apache.org/security.html#CVE-2017-5657 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98570 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1038528 | vdb-entryx_refsource_SECTRACK |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
1.x
Affected: 2.0.0, 2.0.1 Affected: 2.1.0, 2.1.1 Affected: 2.2.0, 2.2.1, 2.2.2 |
Date Public
2017-05-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.x"
},
{
"status": "affected",
"version": "2.0.0, 2.0.1"
},
{
"status": "affected",
"version": "2.1.0, 2.1.1"
},
{
"status": "affected",
"version": "2.2.0, 2.2.1, 2.2.2"
}
]
}
],
"datePublic": "2017-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Archiva CSRF vulnerabilities for various REST endpoints",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:06.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "1.x"
},
{
"version_value": "2.0.0, 2.0.1"
},
{
"version_value": "2.1.0, 2.1.1"
},
{
"version_value": "2.2.0, 2.2.1, 2.2.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Archiva CSRF vulnerabilities for various REST endpoints"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archiva.apache.org/security.html#CVE-2017-5657",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-5657",
"datePublished": "2017-05-22T18:00:00.000Z",
"dateReserved": "2017-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:48.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4469 (GCVE-0-2016-4469)
Vulnerability from cvelistv5 – Published: 2016-07-28 16:00 – Updated: 2024-08-06 00:32
VLAI
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/137869/Apach… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2016/Jul/37 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1036475 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/538877/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/91703 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/40109/ | exploitx_refsource_EXPLOIT-DB |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Date Public
2016-07-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4469",
"datePublished": "2016-07-28T16:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:25.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5005 (GCVE-0-2016-5005)
Vulnerability from cvelistv5 – Published: 2016-07-28 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/538878/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id/1036475 | vdb-entryx_refsource_SECTRACK |
| http://packetstormsecurity.com/files/137870/Apach… | x_refsource_MISC |
| http://www.securityfocus.com/bid/91707 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2016/Jul/38 | mailing-listx_refsource_FULLDISC |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Date Public
2016-07-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-5005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5005",
"datePublished": "2016-07-28T16:00:00.000Z",
"dateReserved": "2016-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2187 (GCVE-0-2013-2187)
Vulnerability from cvelistv5 – Published: 2014-04-22 14:00 – Updated: 2024-08-06 15:27
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/66991 | vdb-entryx_refsource_BID |
| http://archiva.apache.org/security.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/531884/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id/1030130 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "66991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030130"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66991"
},
{
"name": "http://archiva.apache.org/security.html",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030130"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2187",
"datePublished": "2014-04-22T14:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:27:41.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2251 (GCVE-0-2013-2251)
Vulnerability from cvelistv5 – Published: 2013-07-18 01:00 – Updated: 2025-10-22 00:05Summary
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Severity
9.8 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
17 references
Date Public
2013-07-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "apache-archiva-ognl-command-exec(90392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392"
},
{
"name": "20131013 Apache Software Foundation A Subsite Remote command execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Oct/96"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxsecurity.com/issue/WLB-2014010087"
},
{
"name": "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://struts.apache.org/release/2.3.x/docs/s2-016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "98445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/98445"
},
{
"name": "1032916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032916"
},
{
"name": "61189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61189"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q1/89"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2013-2251",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:24:31.949070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2251"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:41.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2251"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-25T00:00:00.000Z",
"value": "CVE-2013-2251 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T21:06:20.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "apache-archiva-ognl-command-exec(90392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392"
},
{
"name": "20131013 Apache Software Foundation A Subsite Remote command execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Oct/96"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxsecurity.com/issue/WLB-2014010087"
},
{
"name": "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://struts.apache.org/release/2.3.x/docs/s2-016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "98445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/98445"
},
{
"name": "1032916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032916"
},
{
"name": "61189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61189"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q1/89"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2251",
"datePublished": "2013-07-18T01:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:41.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27138 (GCVE-0-2024-27138)
Vulnerability from nvd – Published: 2024-03-01 15:41 – Updated: 2025-02-13 17:41 Unsupported When Assigned
VLAI
Title
Apache Archiva: disabling user registration is not effective
Summary
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.
Apache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
|
| apache | archiva |
Affected:
2.0.0 , ≤ *
(semver)
cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/070qcpclcb3sqk1hn8j5lvzohp30k1m2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/4"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:archiva:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "archiva",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27138",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T20:35:32.425736Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T20:39:03.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Florian Hauser, @frycos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eApache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.\u003cbr\u003e\u003c/div\u003e\u003cp\u003e\u003c/p\u003e\u003cdiv\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva.\n\nApache Archiva has a setting to disable user registration, however this restriction can be bypassed. As Apache Archiva has been retired, we do not expect to release a version of Apache Archiva that fixes this issue. You are recommended to look into migrating to a different solution, or isolate your instance from any untrusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:11:18.723Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/070qcpclcb3sqk1hn8j5lvzohp30k1m2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/4"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: disabling user registration is not effective",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27138",
"datePublished": "2024-03-01T15:41:12.677Z",
"dateReserved": "2024-02-20T15:31:32.266Z",
"dateUpdated": "2025-02-13T17:41:18.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27139 (GCVE-0-2024-27139)
Vulnerability from nvd – Published: 2024-03-01 15:40 – Updated: 2025-04-16 20:47 Unsupported When Assigned
VLAI
Title
Apache Archiva: incorrect authentication potentially leading to account takeover
Summary
** UNSUPPORTED WHEN ASSIGNED **
Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.
This issue affects Apache Archiva: from 2.0.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
2 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
|
| apache_software_foundation | apache_archiva |
Affected:
2.0.0 , ≤ *
(custom)
cpe:2.3:a:apache_software_foundation:apache_archiva:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache_software_foundation:apache_archiva:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apache_archiva",
"vendor": "apache_software_foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27139",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T15:21:13.533716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T20:47:27.623Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/qr8b7r86p1hkn0dc0q827s981kf1bgd8"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "1uHrm of cyberkl"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "** UNSUPPORTED WHEN ASSIGNED **\u003cbr\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eIncorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.\u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Apache Archiva: from 2.0.0.\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED **\n\nIncorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account data, potentially leading to account takeover.\n\nThis issue affects Apache Archiva: from 2.0.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:37.285Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/qr8b7r86p1hkn0dc0q827s981kf1bgd8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: incorrect authentication potentially leading to account takeover",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27139",
"datePublished": "2024-03-01T15:40:49.893Z",
"dateReserved": "2024-02-20T15:54:30.546Z",
"dateUpdated": "2025-04-16T20:47:27.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-27140 (GCVE-0-2024-27140)
Vulnerability from nvd – Published: 2024-03-01 15:40 – Updated: 2025-02-13 17:41 Unsupported When Assigned
VLAI
Title
Apache Archiva: reflected XSS
Summary
** UNSUPPORTED WHEN ASSIGNED **
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Archiva.
This issue affects Apache Archiva: from 2.0.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity
5.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0.0 , ≤ *
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:27:59.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/xrn6nt904ozh3jym60c3f5hj2fb75pjy"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-27140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T20:53:57.523304Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:06:42.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "sandr0 / Sandro Bauer (sandr0.xyz)"
},
{
"lang": "en",
"type": "finder",
"value": "BTullis / Ben Tullis (wikimedia.org)"
},
{
"lang": "en",
"type": "finder",
"value": "sbassett / Scott Bassett (wikimedia.org)"
},
{
"lang": "en",
"type": "finder",
"value": "L0ne1y"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e** UNSUPPORTED WHEN ASSIGNED **\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache Archiva.\u003c/div\u003e\u003cp\u003eThis issue affects Apache Archiva: from 2.0.0.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cp\u003eAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "** UNSUPPORTED WHEN ASSIGNED **\n\nImproper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability in Apache Archiva.\n\nThis issue affects Apache Archiva: from 2.0.0.\n\nAs this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. Alternatively, you could configure a HTTP proxy in front of your Archiva instance to only forward requests that do not have malicious characters in the URL.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:11:11.011Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/xrn6nt904ozh3jym60c3f5hj2fb75pjy"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/01/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Apache Archiva: reflected XSS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-27140",
"datePublished": "2024-03-01T15:40:08.456Z",
"dateReserved": "2024-02-20T15:56:43.961Z",
"dateUpdated": "2025-02-13T17:41:19.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28158 (GCVE-0-2023-28158)
Vulnerability from nvd – Published: 2023-03-29 12:21 – Updated: 2025-02-13 16:45
VLAI
Title
Apache Archiva privilege escalation
Summary
Privilege escalation via stored XSS using the file upload service to upload malicious content.
The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.0 , < 2.2.10
(maven)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:30:24.174Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T15:12:27.939865Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T15:12:35.785Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.2.10",
"status": "affected",
"version": "2.0",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "sandr0 (sandr0.xyz)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Privilege escalation via stored XSS using the file upload service to upload malicious content.\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Privilege escalation via stored XSS using the file upload service to upload malicious content.\nThe issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T02:06:24.671Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/18/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Archiva privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-28158",
"datePublished": "2023-03-29T12:21:46.932Z",
"dateReserved": "2023-03-13T02:37:38.879Z",
"dateUpdated": "2025-02-13T16:45:40.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40309 (GCVE-0-2022-40309)
Vulnerability from nvd – Published: 2022-11-15 00:00 – Updated: 2025-04-30 16:02
VLAI
Title
Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories
Summary
Users with write permissions to a repository can delete arbitrary directories.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Arbitrary directory deletion
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
unspecified , ≤ 2.2.8
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/1odl4p85r96n27k577jk6ftrp19xfc27"
},
{
"name": "[oss-security] 20221115 CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40309",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T16:02:01.273540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T16:02:30.071Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "Users with write permissions to a repository can delete arbitrary directories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary directory deletion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/1odl4p85r96n27k577jk6ftrp19xfc27"
},
{
"name": "[oss-security] 20221115 CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-40309",
"datePublished": "2022-11-15T00:00:00.000Z",
"dateReserved": "2022-09-09T00:00:00.000Z",
"dateUpdated": "2025-04-30T16:02:30.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40308 (GCVE-0-2022-40308)
Vulnerability from nvd – Published: 2022-11-15 00:00 – Updated: 2025-04-30 16:03
VLAI
Title
Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files
Summary
If anonymous read enabled, it's possible to read the database file directly without logging in.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Arbitrary file read vulnerability
- CWE-noinfo Not enough information
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
Apache Archiva , ≤ 2.2.8
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:40.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://lists.apache.org/thread/x01pnn0jjsw512cscxsbxzrjmz64n4cc"
},
{
"name": "[oss-security] 20221115 CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40308",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T16:02:48.785683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T16:03:13.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.8",
"status": "affected",
"version": "Apache Archiva",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to L3yx of Syclover Security Team"
}
],
"descriptions": [
{
"lang": "en",
"value": "If anonymous read enabled, it\u0027s possible to read the database file directly without logging in."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-15T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://lists.apache.org/thread/x01pnn0jjsw512cscxsbxzrjmz64n4cc"
},
{
"name": "[oss-security] 20221115 CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/11/15/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-40308",
"datePublished": "2022-11-15T00:00:00.000Z",
"dateReserved": "2022-09-09T00:00:00.000Z",
"dateUpdated": "2025-04-30T16:03:13.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29405 (GCVE-0-2022-29405)
Vulnerability from nvd – Published: 2022-05-25 07:15 – Updated: 2024-08-03 06:17
VLAI
Title
Apache Archiva Arbitrary user password reset vulnerability
Summary
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8
Severity
No CVSS data available.
CWE
- Apache Archiva Arbitrary user password reset vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://archiva.apache.org/docs/2.2.8/release-not… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
2.2 , ≤ 2.2.7
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:17:55.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.2.7",
"status": "affected",
"version": "2.2",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Archiva Arbitrary user password reset vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-25T07:15:11.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Archiva Arbitrary user password reset vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-29405",
"STATE": "PUBLIC",
"TITLE": "Apache Archiva Arbitrary user password reset vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.2",
"version_value": "2.2.7"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Archiva Arbitrary user password reset vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://archiva.apache.org/docs/2.2.8/release-notes.html",
"refsource": "MISC",
"url": "https://archiva.apache.org/docs/2.2.8/release-notes.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-29405",
"datePublished": "2022-05-25T07:15:11.000Z",
"dateReserved": "2022-04-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:17:55.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-9495 (GCVE-0-2020-9495)
Vulnerability from nvd – Published: 2020-06-19 18:59 – Updated: 2024-08-04 10:34
VLAI
Summary
Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://archiva.apache.org/security.html#CVE-2020-9495 | x_refsource_MISC |
| https://lists.apache.org/thread.html/r7ae580f700a… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2020/06/19/1 | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r576eaabe3f7… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Apache Archiva |
Affected:
Apache Archiva 2.2.4 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T10:34:38.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Apache Archiva 2.2.4 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-20T01:06:11.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2020-9495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "Apache Archiva 2.2.4 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login form. With certain characters it is possible to modify the LDAP filter used to query the LDAP users. By measuring the response time for the login request, arbitrary attribute data can be retrieved from LDAP user objects."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archiva.apache.org/security.html#CVE-2020-9495",
"refsource": "MISC",
"url": "http://archiva.apache.org/security.html#CVE-2020-9495"
},
{
"name": "[maven-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7ae580f700ade57b00641a70a5c639a3ba576893bbf7f9fd93bc491d@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-dev] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cdev.archiva.apache.org%3E"
},
{
"name": "[archiva-users] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/19/1"
},
{
"name": "[announce] 20200619 [SECURITY] CVE-2020-9495: Apache Archiva login service is vulnerable to LDAP injection",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r576eaabe3f772c045ec832a0200252494a2ce3f188f59450dd8f9b6d@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2020-9495",
"datePublished": "2020-06-19T18:59:20.000Z",
"dateReserved": "2020-03-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T10:34:38.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0214 (GCVE-0-2019-0214)
Vulnerability from nvd – Published: 2019-04-30 21:48 – Updated: 2024-08-04 17:44
VLAI
Summary
In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file.
Severity
No CVSS data available.
CWE
- Arbitrary write/delete of files on the archiva server
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread.html/239349b6dd8f… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/5851cb0214f2… | mailing-listx_refsource_MLIST |
| https://seclists.org/bugtraq/2019/Apr/48 | mailing-listx_refsource_BUGTRAQ |
| http://www.openwall.com/lists/oss-security/2019/04/30/8 | mailing-listx_refsource_MLIST |
| http://packetstormsecurity.com/files/152684/Apach… | x_refsource_MISC |
| http://archiva.apache.org/security.html#CVE-2019-0214 | x_refsource_CONFIRM |
| https://lists.apache.org/thread.html/ada0052409d8… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/108124 | vdb-entryx_refsource_BID |
| https://lists.apache.org/thread.html/18b670afc2f8… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache | Apache Archiva |
Affected:
All versions prior to version 2.2.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 2.2.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary write/delete of files on the archiva server",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-02T16:06:04.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary write/delete of files on the archiva server"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda@%3Cusers.archiva.apache.org%3E"
},
{
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"name": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"name": "http://archiva.apache.org/security.html#CVE-2019-0214",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E"
},
{
"name": "108124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108124"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/18b670afc2f83034f47ebeb2f797c350fe60f1f2b33c95b95f467ef8@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0214",
"datePublished": "2019-04-30T21:48:54.000Z",
"dateReserved": "2018-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:44:14.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-0213 (GCVE-0-2019-0213)
Vulnerability from nvd – Published: 2019-04-30 21:35 – Updated: 2024-08-04 17:44
VLAI
Summary
In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised.
Severity
No CVSS data available.
CWE
- Stored XSS
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://seclists.org/bugtraq/2019/Apr/47 | mailing-listx_refsource_BUGTRAQ |
| https://lists.apache.org/thread.html/c358754a3547… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/0397ddbd17b5… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2019/04/30/7 | mailing-listx_refsource_MLIST |
| http://packetstormsecurity.com/files/152681/Apach… | x_refsource_MISC |
| http://archiva.apache.org/security.html#CVE-2019-0213 | x_refsource_MISC |
| https://lists.apache.org/thread.html/ada0052409d8… | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/108123 | vdb-entryx_refsource_BID |
| https://lists.apache.org/thread.html/7bcea134c3d6… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache | Apache Archiva |
Affected:
All versions prior to version 2.2.4
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:44:14.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "All versions prior to version 2.2.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-06T19:58:29.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97%40%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3%40%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb%40%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d%40%3Cannounce.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-0213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk, as only users with admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97@%3Cusers.maven.apache.org%3E"
},
{
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3@%3Cusers.archiva.apache.org%3E"
},
{
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"name": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"name": "http://archiva.apache.org/security.html#CVE-2019-0213",
"refsource": "MISC",
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
},
{
"name": "[archiva-issues] 20190501 [jira] [Created] (MRM-1987) Port security fixes for 2.2.4 to 3.0.0",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ada0052409d8a4a8c4eb2c7fd6b9cd9423bc753d5fce87eb826662fb@%3Cissues.archiva.apache.org%3E"
},
{
"name": "108123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/108123"
},
{
"name": "[announce] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/7bcea134c3d6fa72cdc1052922ac0914f399f63f4690b7937b80127d@%3Cannounce.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-0213",
"datePublished": "2019-04-30T21:35:47.000Z",
"dateReserved": "2018-11-14T00:00:00.000Z",
"dateUpdated": "2024-08-04T17:44:14.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5657 (GCVE-0-2017-5657)
Vulnerability from nvd – Published: 2017-05-22 18:00 – Updated: 2024-08-05 15:11
VLAI
Summary
Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights).
Severity
No CVSS data available.
CWE
- Apache Archiva CSRF vulnerabilities for various REST endpoints
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://archiva.apache.org/security.html#CVE-2017-5657 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98570 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1038528 | vdb-entryx_refsource_SECTRACK |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Archiva |
Affected:
1.x
Affected: 2.0.0, 2.0.1 Affected: 2.1.0, 2.1.1 Affected: 2.2.0, 2.2.1, 2.2.2 |
Date Public
2017-05-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:48.764Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Archiva",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.x"
},
{
"status": "affected",
"version": "2.0.0, 2.0.1"
},
{
"status": "affected",
"version": "2.1.0, 2.1.1"
},
{
"status": "affected",
"version": "2.2.0, 2.2.1, 2.2.2"
}
]
}
],
"datePublic": "2017-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Apache Archiva CSRF vulnerabilities for various REST endpoints",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:06.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-5657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "1.x"
},
{
"version_value": "2.0.0, 2.0.1"
},
{
"version_value": "2.1.0, 2.1.1"
},
{
"version_value": "2.2.0, 2.2.1, 2.2.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same rights as the active archiva session (e.g. administrator rights)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Apache Archiva CSRF vulnerabilities for various REST endpoints"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://archiva.apache.org/security.html#CVE-2017-5657",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html#CVE-2017-5657"
},
{
"name": "98570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98570"
},
{
"name": "1038528",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038528"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-5657",
"datePublished": "2017-05-22T18:00:00.000Z",
"dateReserved": "2017-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:48.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5005 (GCVE-0-2016-5005)
Vulnerability from nvd – Published: 2016-07-28 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/538878/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id/1036475 | vdb-entryx_refsource_SECTRACK |
| http://packetstormsecurity.com/files/137870/Apach… | x_refsource_MISC |
| http://www.securityfocus.com/bid/91707 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2016/Jul/38 | mailing-listx_refsource_FULLDISC |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Date Public
2016-07-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:40.202Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-5005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.3.9 and earlier allows remote authenticated administrators to inject arbitrary web script or HTML via the connector.sourceRepoId parameter to admin/addProxyConnector_commit.action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160711 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538878/100/0/threaded"
},
{
"name": "1036475",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137870/Apache-Archiva-1.3.9-Cross-Site-Scripting.html"
},
{
"name": "91707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91707"
},
{
"name": "20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jul/38"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-5005",
"datePublished": "2016-07-28T16:00:00.000Z",
"dateReserved": "2016-05-24T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:40.202Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4469 (GCVE-0-2016-4469)
Vulnerability from nvd – Published: 2016-07-28 16:00 – Updated: 2024-08-06 00:32
VLAI
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/137869/Apach… | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2016/Jul/37 | mailing-listx_refsource_FULLDISC |
| http://www.securitytracker.com/id/1036475 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/538877/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/91703 | vdb-entryx_refsource_BID |
| https://www.exploit-db.com/exploits/40109/ | exploitx_refsource_EXPLOIT-DB |
| https://lists.apache.org/thread.html/ff8dcfe29377… | mailing-listx_refsource_MLIST |
Date Public
2016-07-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-16T17:06:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.3.9 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add new repository proxy connectors via the token parameter to admin/addProxyConnector_commit.action, (2) new repositories via the token parameter to admin/addRepository_commit.action, (3) edit existing repositories via the token parameter to admin/editRepository_commit.action, (4) add legacy artifact paths via the token parameter to admin/addLegacyArtifactPath_commit.action, (5) change the organizational appearance via the token parameter to admin/saveAppearance.action, or (6) upload new artifacts via the token parameter to upload_submit.action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137869/Apache-Archiva-1.3.9-Cross-Site-Request-Forgery.html"
},
{
"name": "20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jul/37"
},
{
"name": "1036475",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036475"
},
{
"name": "20160711 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538877/100/0/threaded"
},
{
"name": "91703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91703"
},
{
"name": "40109",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40109/"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4469",
"datePublished": "2016-07-28T16:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:25.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2187 (GCVE-0-2013-2187)
Vulnerability from nvd – Published: 2014-04-22 14:00 – Updated: 2024-08-06 15:27
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/66991 | vdb-entryx_refsource_BID |
| http://archiva.apache.org/security.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/archive/1/531884/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securitytracker.com/id/1030130 | vdb-entryx_refsource_SECTRACK |
Date Public
2014-04-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.000Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "66991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "66991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030130"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "66991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66991"
},
{
"name": "http://archiva.apache.org/security.html",
"refsource": "CONFIRM",
"url": "http://archiva.apache.org/security.html"
},
{
"name": "20140419 [SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531884/100/0/threaded"
},
{
"name": "1030130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030130"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2187",
"datePublished": "2014-04-22T14:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:27:41.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2251 (GCVE-0-2013-2251)
Vulnerability from nvd – Published: 2013-07-18 01:00 – Updated: 2025-10-22 00:05Summary
Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Severity
9.8 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Assigner
References
17 references
Date Public
2013-07-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "apache-archiva-ognl-command-exec(90392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392"
},
{
"name": "20131013 Apache Software Foundation A Subsite Remote command execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Oct/96"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://cxsecurity.com/issue/WLB-2014010087"
},
{
"name": "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://struts.apache.org/release/2.3.x/docs/s2-016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "98445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/98445"
},
{
"name": "1032916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032916"
},
{
"name": "61189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61189"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2014/q1/89"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2013-2251",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:24:31.949070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2251"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:41.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2251"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-25T00:00:00.000Z",
"value": "CVE-2013-2251 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T21:06:20.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "apache-archiva-ognl-command-exec(90392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90392"
},
{
"name": "20131013 Apache Software Foundation A Subsite Remote command execution",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Oct/96"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://cxsecurity.com/issue/WLB-2014010087"
},
{
"name": "20131023 Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://struts.apache.org/release/2.3.x/docs/s2-016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://archiva.apache.org/security.html"
},
{
"name": "98445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/98445"
},
{
"name": "1032916",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032916"
},
{
"name": "61189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61189"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2014/q1/89"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2251",
"datePublished": "2013-07-18T01:00:00.000Z",
"dateReserved": "2013-02-19T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:41.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}