Vulnerabilites related to apache - synapse
cve-2010-1632
Vulnerability from cvelistv5
Published
2010-06-22 20:24
Modified
2024-08-07 01:28
Severity ?
Summary
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
References
http://markmail.org/message/e4yiij7lfexastvlx_refsource_MISC
http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.htmlx_refsource_CONFIRM
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844vendor-advisory, x_refsource_AIXAPAR
http://www.vupen.com/english/advisories/2010/1528vdb-entry, x_refsource_VUPEN
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765vendor-advisory, x_refsource_AIXAPAR
http://www.vupen.com/english/advisories/2010/1531vdb-entry, x_refsource_VUPEN
http://www-01.ibm.com/support/docview.wss?uid=swg21433581x_refsource_CONFIRM
http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847vendor-advisory, x_refsource_AIXAPAR
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984x_refsource_CONFIRM
http://secunia.com/advisories/41025third-party-advisory, x_refsource_SECUNIA
http://geronimo.apache.org/22x-security-report.htmlx_refsource_CONFIRM
http://www.securitytracker.com/id/1036901vdb-entry, x_refsource_SECTRACK
https://issues.apache.org/jira/browse/AXIS2-4450x_refsource_CONFIRM
http://secunia.com/advisories/41016third-party-advisory, x_refsource_SECUNIA
https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdfx_refsource_CONFIRM
http://secunia.com/advisories/40279third-party-advisory, x_refsource_SECUNIA
https://issues.apache.org/jira/browse/GERONIMO-5383x_refsource_CONFIRM
http://secunia.com/advisories/40252third-party-advisory, x_refsource_SECUNIA
http://geronimo.apache.org/21x-security-report.htmlx_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-07T01:28:41.797Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://markmail.org/message/e4yiij7lfexastvl",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
               },
               {
                  name: "PM14844",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_AIXAPAR",
                     "x_transferred",
                  ],
                  url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844",
               },
               {
                  name: "ADV-2010-1528",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1528",
               },
               {
                  name: "PM14765",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_AIXAPAR",
                     "x_transferred",
                  ],
                  url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765",
               },
               {
                  name: "ADV-2010-1531",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2010/1531",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www-01.ibm.com/support/docview.wss?uid=swg21433581",
               },
               {
                  name: "PM14847",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_AIXAPAR",
                     "x_transferred",
                  ],
                  url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984",
               },
               {
                  name: "41025",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/41025",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://geronimo.apache.org/22x-security-report.html",
               },
               {
                  name: "1036901",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036901",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://issues.apache.org/jira/browse/AXIS2-4450",
               },
               {
                  name: "41016",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/41016",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf",
               },
               {
                  name: "40279",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40279",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://issues.apache.org/jira/browse/GERONIMO-5383",
               },
               {
                  name: "40252",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/40252",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://geronimo.apache.org/21x-security-report.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2010-06-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-07-29T09:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://markmail.org/message/e4yiij7lfexastvl",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
            },
            {
               name: "PM14844",
               tags: [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
               ],
               url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844",
            },
            {
               name: "ADV-2010-1528",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1528",
            },
            {
               name: "PM14765",
               tags: [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
               ],
               url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765",
            },
            {
               name: "ADV-2010-1531",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2010/1531",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www-01.ibm.com/support/docview.wss?uid=swg21433581",
            },
            {
               name: "PM14847",
               tags: [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
               ],
               url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984",
            },
            {
               name: "41025",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/41025",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://geronimo.apache.org/22x-security-report.html",
            },
            {
               name: "1036901",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036901",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://issues.apache.org/jira/browse/AXIS2-4450",
            },
            {
               name: "41016",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/41016",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf",
            },
            {
               name: "40279",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40279",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://issues.apache.org/jira/browse/GERONIMO-5383",
            },
            {
               name: "40252",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/40252",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://geronimo.apache.org/21x-security-report.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2010-1632",
      datePublished: "2010-06-22T20:24:00",
      dateReserved: "2010-04-29T00:00:00",
      dateUpdated: "2024-08-07T01:28:41.797Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-15708
Vulnerability from cvelistv5
Published
2017-12-11 15:00
Modified
2024-09-17 02:51
Severity ?
Summary
In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.
Impacted products
Vendor Product Version
Apache Software Foundation Apache Synapse Version: 3.0.0
Version: 2.1.0
Version: 2.0.0
Version: 1.2
Version: 1.1.2
Version: 1.1.1
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T20:04:50.319Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "102154",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/102154",
               },
               {
                  name: "[dev] 20171210 [CVE-2017-15708] Apache Synapse Remote Code Execution Vulnerability",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9%40%3Cdev.synapse.apache.org%3E",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujul2020.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2020.html",
               },
               {
                  name: "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5595: [FE][Fix]Update commons-collections to fix a security issue",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6%40%3Ccommits.doris.apache.org%3E",
               },
               {
                  name: "GLSA-202107-37",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/202107-37",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Apache Synapse",
               vendor: "Apache Software Foundation",
               versions: [
                  {
                     status: "affected",
                     version: "3.0.0",
                  },
                  {
                     status: "affected",
                     version: "2.1.0",
                  },
                  {
                     status: "affected",
                     version: "2.0.0",
                  },
                  {
                     status: "affected",
                     version: "1.2",
                  },
                  {
                     status: "affected",
                     version: "1.1.2",
                  },
                  {
                     status: "affected",
                     version: "1.1.1",
                  },
               ],
            },
         ],
         datePublic: "2017-12-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Remote Code Execution Vulnerability",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-16T07:06:16",
            orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
            shortName: "apache",
         },
         references: [
            {
               name: "102154",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/102154",
            },
            {
               name: "[dev] 20171210 [CVE-2017-15708] Apache Synapse Remote Code Execution Vulnerability",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9%40%3Cdev.synapse.apache.org%3E",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujul2020.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2020.html",
            },
            {
               name: "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5595: [FE][Fix]Update commons-collections to fix a security issue",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6%40%3Ccommits.doris.apache.org%3E",
            },
            {
               name: "GLSA-202107-37",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/202107-37",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@apache.org",
               DATE_PUBLIC: "2017-12-10T00:00:00",
               ID: "CVE-2017-15708",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Apache Synapse",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "3.0.0",
                                       },
                                       {
                                          version_value: "2.1.0",
                                       },
                                       {
                                          version_value: "2.0.0",
                                       },
                                       {
                                          version_value: "1.2",
                                       },
                                       {
                                          version_value: "1.1.2",
                                       },
                                       {
                                          version_value: "1.1.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Apache Software Foundation",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Remote Code Execution Vulnerability",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "102154",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/102154",
                  },
                  {
                     name: "[dev] 20171210 [CVE-2017-15708] Apache Synapse Remote Code Execution Vulnerability",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9@%3Cdev.synapse.apache.org%3E",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujul2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujul2020.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2020.html",
                  },
                  {
                     name: "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5595: [FE][Fix]Update commons-collections to fix a security issue",
                     refsource: "MLIST",
                     url: "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6@%3Ccommits.doris.apache.org%3E",
                  },
                  {
                     name: "GLSA-202107-37",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/202107-37",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09",
      assignerShortName: "apache",
      cveId: "CVE-2017-15708",
      datePublished: "2017-12-11T15:00:00Z",
      dateReserved: "2017-10-21T00:00:00",
      dateUpdated: "2024-09-17T02:51:55.934Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2010-06-22 20:30
Modified
2024-11-21 01:14
Severity ?
Summary
Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.
References
secalert@redhat.comhttp://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
secalert@redhat.comhttp://geronimo.apache.org/21x-security-report.html
secalert@redhat.comhttp://geronimo.apache.org/22x-security-report.html
secalert@redhat.comhttp://markmail.org/message/e4yiij7lfexastvl
secalert@redhat.comhttp://secunia.com/advisories/40252Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/40279Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/41016
secalert@redhat.comhttp://secunia.com/advisories/41025
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21433581
secalert@redhat.comhttp://www-1.ibm.com/support/docview.wss?uid=swg1PM14765
secalert@redhat.comhttp://www-1.ibm.com/support/docview.wss?uid=swg1PM14844
secalert@redhat.comhttp://www-1.ibm.com/support/docview.wss?uid=swg1PM14847
secalert@redhat.comhttp://www.securitytracker.com/id/1036901
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1528Vendor Advisory
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/1531Vendor Advisory
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984
secalert@redhat.comhttps://issues.apache.org/jira/browse/AXIS2-4450
secalert@redhat.comhttps://issues.apache.org/jira/browse/GERONIMO-5383
secalert@redhat.comhttps://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf
af854a3a-2127-422b-91ae-364da2661108http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
af854a3a-2127-422b-91ae-364da2661108http://geronimo.apache.org/21x-security-report.html
af854a3a-2127-422b-91ae-364da2661108http://geronimo.apache.org/22x-security-report.html
af854a3a-2127-422b-91ae-364da2661108http://markmail.org/message/e4yiij7lfexastvl
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40252Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40279Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/41016
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/41025
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21433581
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036901
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1528Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1531Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984
af854a3a-2127-422b-91ae-364da2661108https://issues.apache.org/jira/browse/AXIS2-4450
af854a3a-2127-422b-91ae-364da2661108https://issues.apache.org/jira/browse/GERONIMO-5383
af854a3a-2127-422b-91ae-364da2661108https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0905C80-A1BA-49CD-90CA-9270ECC3940C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B108457A-50DC-4432-9E30-98ADBEBF2389",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A8FC820-48D5-4850-82F7-8DA4A18EFF51",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0661F4A0-A520-4443-B19D-6885920ADFE5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "A553A6E7-64AA-41F2-9B92-4EC715C617B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BFBDE57-3895-4841-B23C-06336A7016EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "CF56870A-F9D3-4544-B63A-EFC2E82A1F7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "30B7A7B9-FCD1-4509-93CF-C5B736B04F4B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "C93D1CE2-1772-44C0-A8CB-73E9AA1AF6B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*",
                     matchCriteriaId: "90BA0923-4064-49D3-82A2-EEFC4B0F9A9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "6289CCB4-9A13-4BB5-B44E-7CA936DD8421",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*",
                     matchCriteriaId: "833256BB-E2A6-4FE9-BE4F-982578023E43",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*",
                     matchCriteriaId: "9631D69C-AFEC-4CFF-9190-3E5435EDCEC2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:axis2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE048D6-C2D3-43F7-BA3C-E07FCFC00EAC",
                     versionEndIncluding: "1.5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0CBFD09-884C-436D-8D92-88B47A130C47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0604FFE-16AC-4990-85F6-88C48A8E1707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D99CAA7-6580-4B1E-BDD7-0933F037B29D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2371DC-0E86-49F2-98F6-4CCE49A24183",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:axis2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE048D6-C2D3-43F7-BA3C-E07FCFC00EAC",
                     versionEndIncluding: "1.5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0CBFD09-884C-436D-8D92-88B47A130C47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0604FFE-16AC-4990-85F6-88C48A8E1707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D99CAA7-6580-4B1E-BDD7-0933F037B29D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2371DC-0E86-49F2-98F6-4CCE49A24183",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:geronimo:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "67517877-5475-4CDA-A634-4CDE447D41D1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:axis2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE048D6-C2D3-43F7-BA3C-E07FCFC00EAC",
                     versionEndIncluding: "1.5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0CBFD09-884C-436D-8D92-88B47A130C47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0604FFE-16AC-4990-85F6-88C48A8E1707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D99CAA7-6580-4B1E-BDD7-0933F037B29D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2371DC-0E86-49F2-98F6-4CCE49A24183",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:orchestration_director_engine:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8FD46A81-A6D2-4754-A605-B404CF458BA4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:axis2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE048D6-C2D3-43F7-BA3C-E07FCFC00EAC",
                     versionEndIncluding: "1.5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0CBFD09-884C-436D-8D92-88B47A130C47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0604FFE-16AC-4990-85F6-88C48A8E1707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D99CAA7-6580-4B1E-BDD7-0933F037B29D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2371DC-0E86-49F2-98F6-4CCE49A24183",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:synapse:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "12E8E133-63B2-4B89-BCE9-2BE9DDB010EF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:axis2:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE048D6-C2D3-43F7-BA3C-E07FCFC00EAC",
                     versionEndIncluding: "1.5.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0CBFD09-884C-436D-8D92-88B47A130C47",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0604FFE-16AC-4990-85F6-88C48A8E1707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D99CAA7-6580-4B1E-BDD7-0933F037B29D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:axis2:1.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC2371DC-0E86-49F2-98F6-4CCE49A24183",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:tuscany:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "69C1D6C8-B442-4DD2-8988-4DC7A7FDC7AA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to the Synapse SimpleStockQuoteService.",
      },
      {
         lang: "es",
         value: "Apache Axis2 en versiones anteriores a la 1.5.2, tal como se usa en IBM WebSphere Application Server (WAS) 7.0 a 7.0.0.12, IBM Feature Pack para Web Services 6.1.0.9 a 6.1.0.32, IBM Feature Pack para Web 2.0 1.0.1.0, Apache Synapse, Apache ODE, Apache Tuscany, Apache Geronimo y otros productos, no rechaza de manera apropiada DTDs en mensajes SOAP, lo que permite a atacantes remotos leer ficheros de su elección, enviar peticiones HTTP a servidores de la intranet o provocar una denegación de servicio (consumo de memoria y de CPU) mediante un DTD manipulado, como se ha demostrado por una declaración de entidad en una petición a Synapse SimpleStockQuoteService.",
      },
   ],
   id: "CVE-2010-1632",
   lastModified: "2024-11-21T01:14:50.957",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2010-06-22T20:30:01.493",
   references: [
      {
         source: "secalert@redhat.com",
         url: "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://geronimo.apache.org/21x-security-report.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://geronimo.apache.org/22x-security-report.html",
      },
      {
         source: "secalert@redhat.com",
         url: "http://markmail.org/message/e4yiij7lfexastvl",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/40252",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/40279",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/41016",
      },
      {
         source: "secalert@redhat.com",
         url: "http://secunia.com/advisories/41025",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21433581",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847",
      },
      {
         source: "secalert@redhat.com",
         url: "http://www.securitytracker.com/id/1036901",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2010/1528",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2010/1531",
      },
      {
         source: "secalert@redhat.com",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984",
      },
      {
         source: "secalert@redhat.com",
         url: "https://issues.apache.org/jira/browse/AXIS2-4450",
      },
      {
         source: "secalert@redhat.com",
         url: "https://issues.apache.org/jira/browse/GERONIMO-5383",
      },
      {
         source: "secalert@redhat.com",
         url: "https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://geronimo.apache.org/21x-security-report.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://geronimo.apache.org/22x-security-report.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://markmail.org/message/e4yiij7lfexastvl",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/40252",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/40279",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/41016",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/41025",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www-01.ibm.com/support/docview.wss?uid=swg21433581",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14765",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14844",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www-1.ibm.com/support/docview.wss?uid=swg1PM14847",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1036901",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2010/1528",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.vupen.com/english/advisories/2010/1531",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289984",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://issues.apache.org/jira/browse/AXIS2-4450",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://issues.apache.org/jira/browse/GERONIMO-5383",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://svn.apache.org/repos/asf/axis/axis2/java/core/security/CVE-2010-1632.pdf",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-12-11 15:29
Modified
2024-11-21 03:15
Severity ?
Summary
In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:apache:synapse:1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2CDE3B8-4925-4432-A392-91FE14E26A5F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDEA6B13-3CAE-4062-9204-039176C4C5C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:1.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "7647E5A8-F6A3-465E-8269-DACD7D69D9BE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:1.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "458A586F-9BC5-4B12-8700-9162B1A90516",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEF877C1-C68B-416D-9F8C-488AC8473625",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:2.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "A110F340-084D-463A-8EF0-48B743EA8741",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:2.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7ACC01A-13FE-4E89-8C0A-572EE3E3863C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:apache:synapse:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "32D8CFF0-B33B-4544-BB41-C2A4B373E186",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "EF6D5112-4055-4F89-A5B3-0DCB109481B7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*",
                     matchCriteriaId: "D262848E-AA24-4057-A747-6221BA22ADF4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
      },
      {
         lang: "es",
         value: "En Apache Synapse, no se requiere por defecto autenticación para Java Remote Method Invocation (RMI). Por lo tanto, Apache Synapse 3.0.1 o todas las versiones anteriores (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2 y 1.1.1) permite ataques de ejecución remota de código que pueden realizarse inyectando objetos serializados especialmente manipulados. La presencia de Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) o versiones previas en la distribución Synapse lo hace explotable. Para mitigar este problema, es necesario limitar el acceso RMI solo a usuarios de confianza. La actualización a la versión 3.0.1 eliminará el riesgo de tener dicha versión de Commons Collection. En Synapse 3.0.1, Commons Collection se ha actualizado a la versión 3.2.2.",
      },
   ],
   id: "CVE-2017-15708",
   lastModified: "2024-11-21T03:15:02.863",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-12-11T15:29:00.237",
   references: [
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/102154",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9%40%3Cdev.synapse.apache.org%3E",
      },
      {
         source: "security@apache.org",
         url: "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6%40%3Ccommits.doris.apache.org%3E",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202107-37",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "security@apache.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujul2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/102154",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9%40%3Cdev.synapse.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6%40%3Ccommits.doris.apache.org%3E",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/202107-37",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujul2020.html",
      },
   ],
   sourceIdentifier: "security@apache.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-74",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}