CVE-2012-4431
Vulnerability from cvelistv5
Published
2012-12-19 11:00
Modified
2024-08-06 20:35
Severity: CVSS v2.0 base score 4.3 (MEDIUM), vector AV:N/AC:M/Au:N/C:N/I:P/A:N, weakness CWE-264, per the NVD data embedded under References; the NVD record on this page carries no CVSS v3 metric.
Summary
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier: a request sent to a filter-protected resource without a session identifier was passed through to that resource unchecked. Fixed upstream in Tomcat 6.0.36 and 7.0.32 (Apache SVN r1393088, linked under References). On vendor-repackaged builds (JBoss Web, distribution packages) the fix may be backported without a Tomcat version bump, so verify against the Red Hat, Ubuntu and openSUSE advisories listed below rather than the upstream version string.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T20:35:09.577Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:18541", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" }, { "name": "SSRT101139", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "20121204 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html" }, { "name": "openSUSE-SU-2013:0161", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "name": "USN-1685-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-1685-1" }, { "name": "openSUSE-SU-2012:1700", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "name": "56814", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/56814" }, { "name": "openSUSE-SU-2013:0192", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "name": "SSRT101182", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "RHSA-2013:0268", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "tags": [ "x_refsource_CONFIRM", 
"x_transferred" ], "url": "http://tomcat.apache.org/security-7.html" }, { "name": "RHSA-2013:0648", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "name": "1027834", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1027834" }, { "name": "RHSA-2013:1437", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html" }, { "name": "HPSBMU02873", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0647", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "57126", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/57126" }, { "name": "RHSA-2013:1853", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "name": "openSUSE-SU-2013:0147", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0267", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": 
"http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "name": "HPSBUX02866", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "HPSBST02955", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "name": "openSUSE-SU-2012:1701", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2012-12-04T00:00:00", "descriptions": [ { "lang": "en", "value": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "oval:org.mitre.oval:def:18541", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" }, { "name": "SSRT101139", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "20121204 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html" }, { "name": "openSUSE-SU-2013:0161", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "name": "USN-1685-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-1685-1" }, { "name": "openSUSE-SU-2012:1700", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "name": "56814", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/56814" }, { "name": "openSUSE-SU-2013:0192", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "name": "SSRT101182", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "RHSA-2013:0268", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tomcat.apache.org/security-7.html" }, { "name": "RHSA-2013:0648", "tags": [ 
"vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "name": "1027834", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1027834" }, { "name": "RHSA-2013:1437", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html" }, { "name": "HPSBMU02873", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0647", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "57126", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/57126" }, { "name": "RHSA-2013:1853", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "name": "openSUSE-SU-2013:0147", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0267", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "name": "HPSBUX02866", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": 
"HPSBST02955", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "name": "openSUSE-SU-2012:1701", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4431", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:18541", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" }, { "name": "SSRT101139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "20121204 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html" }, { "name": "openSUSE-SU-2013:0161", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "name": "USN-1685-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1685-1" }, { "name": "openSUSE-SU-2012:1700", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "name": "56814", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56814" }, { "name": "openSUSE-SU-2013:0192", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "name": "SSRT101182", "refsource": "HP", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "RHSA-2013:0268", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-7.html" }, { "name": "RHSA-2013:0648", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "name": "1027834", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027834" }, { "name": "RHSA-2013:1437", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html" }, { "name": "HPSBMU02873", "refsource": "HP", "url": 
"https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0647", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-6.html" }, { "name": "57126", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57126" }, { "name": "RHSA-2013:1853", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "name": "openSUSE-SU-2013:0147", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0267", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "name": "HPSBUX02866", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "HPSBST02955", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "name": "openSUSE-SU-2012:1701", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" } ] } } } }, 
"cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4431", "datePublished": "2012-12-19T11:00:00", "dateReserved": "2012-08-21T00:00:00", "dateUpdated": "2024-08-06T20:35:09.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2012-4431\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-12-19T11:55:54.577\",\"lastModified\":\"2017-09-19T01:35:22.980\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.\"},{\"lang\":\"es\",\"value\":\"org/apache/catalina/filters/CsrfPreventionFilter.java en Apache Tomcat v6.x antes de v6.0.36 y v7.x antes de v7.0.32 permite a atacantes remotos evitar el mecanismo de protecci\u00f3n de CSRF a trav\u00e9s de una petici\u00f3n que carece de un identificador de 
sesi\u00f3n.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":4.3},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D11D6FB7-CBDB-48C1-98CB-1B3CAA36C5D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49E3C039-A949-4F1B-892A-57147EECB249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A354C34-A3FE-4B8A-9985-8874A0634BC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F28C7801-41B9-4552-BA1E-577967BCBBEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE300CC-FD4A-444E-8506-E5E269D0A0A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B21085-7259-4685-9D1F-FF98E6489E10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"F50A3EC9-516E-48A7-839B-A73F491B5B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C28F09D-5CAA-4CA7-A2B5-3B2820F5F409\"},{\"vuln
erable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"635EE321-2A1F-4FF8-95BE-0C26591969D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A81B035-8598-4D2C-B45F-C6C9D4B10C2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAC2FC75-97D2-4EA1-A1A0-F592A6D7C1F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1096947-82A6-4EA8-A4F2-00D91E3F7DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4871FD1-7F8C-4677-A80B-4A0BBC71DD7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"31AB969A-9ACE-44EF-B2E5-CEC008F47C46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"06217215-72E4-4478-BACB-628A0836A645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C95ADA4-66F5-45C4-A677-ACE22367A75A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA810F3F-ADD3-4D3F-9DFC-DBDD87B3079C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11951A10-39A2-4FF5-8C43-DF94730FB794\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B79F2EA-C893-4359-80EC-24AE38D982E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"351E5BCF
-A56B-4D91-BA3C-21A4B77D529A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2BBB4-171E-4EFF-A575-A5B7FF031755\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B6B0504-27C1-4824-A928-A878CBBAB32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D903956B-14F5-4177-AF12-0A5F1846D3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F847DC-A2F5-456C-9038-16A0E85F4C3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6B93A3A-D487-4CA1-8257-26F8FE287B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8802B2-57E0-4AA6-BC8E-00DE60468569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8461DF95-18DC-4BF5-A703-7F19DA88DC30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2823789C-2CB6-4300-94DB-BDBE83ABA8E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A61429EE-4331-430C-9830-58DCCBCBCB58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*\",
\"matchCriteriaId\":\"31B3593F-CEDF-423C-90F8-F88EED87DC3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7862B2-E1FA-4E16-92CD-8918AB461D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E03BE3-60CC-4415-B993-D0BB00F87A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48E5E8C3-21AD-4230-B945-AB7DE66307B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4945C8C1-C71B-448B-9075-07C6C92599CF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F8C62EF-1B67-456A-9C66-755439CF8556\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E9607B-4D28-460D-896B-E4B7FA22441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A819E245-D641-4F19-9139-6C940504F6E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C381275-10C5-4939-BCE3-0D1F3B3CB2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"81A31CA0-A209-4C49-AA06-C38E165E5B68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7205475A-6D04-4042-B24E-1DA5A57029B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08022987-B36B-4F63-88A5-A8
F59195DF4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA563BF-A67A-477D-956A-167ABEF885C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF4B7557-EF35-451E-B55D-3296966695AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8980E61E-27BE-4858-82B3-C0E8128AF521\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8756BF9B-3E24-4677-87AE-31CE776541F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88CE057E-2092-4C98-8D0C-75CF439D0A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F194580-EE6D-4E38-87F3-F0661262256B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9731BAA-4C6C-4259-B786-F577D8A90FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F74A421-D019-4248-84B8-C70D4D9A8A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05346F5A-FB52-4376-AAC7-9A5308216545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"305688F2-50A6-41FB-8614-BC589DB9A789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D24AA431-C436-4AA5-85DF-B9AAFF2548FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25966344-15D5-4101-9346-B06BFD2DFFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\
"11F4CBAC-27B1-4EFF-955A-A63B457D0578\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD55B338-9DBE-4643-ABED-A08964D3AF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D4F710E-06EA-48F4-AC6A-6F143950F015\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4936C2-0B2D-4C44-98C3-443090965F5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48453405-2319-4327-9F4C-6F70B49452C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DD9544-6424-41A6-AEC0-EC19B8A10E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4670E65-2E11-49A4-B661-57C2F60D411F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31002A23-4788-4BC7-AE11-A3C2AA31716D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D731065-626B-4425-8E49-F708DD457824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E037DA05-2BEF-4F64-B8BB-307247B6A05C\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-01/m
sg00080.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0267.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0268.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0647.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0648.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1437.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1853.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/57126\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://svn.apache.org/viewvc?view=revision\u0026revision=1393088\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://tomcat.apache.org/security-6.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tomcat.apache.org/security-7.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/56814\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1027834\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1685-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541\",\"source\":\"secalert@redhat.com\"}]}}" } }
rhsa-2013_1437
Vulnerability from csaf_redhat
Published
2013-10-16 16:45
Modified
2024-11-22 07:13
Summary
Red Hat Security Advisory: Red Hat JBoss Portal 6.1.0 update
Notes
Topic
Red Hat JBoss Portal 6.1.0, which fixes multiple security
issues and various bugs, is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
This Red Hat JBoss Portal 6.1.0 release serves as a replacement for
6.0.0. Refer to the 6.1.0 Release Notes for further information, available
shortly from https://access.redhat.com/knowledge/docs/
It was found that sending a request without a session identifier to a
protected resource could bypass the CSRF prevention filter in JBoss Web. A
remote attacker could use this flaw to perform CSRF attacks against
applications that rely on the CSRF prevention filter. (CVE-2012-4431)
When applications used the COOKIE session tracking method, the jsessionid
would be appended as a query string parameter when processing the first
request of a session. This could possibly lead to users' sessions being
hijacked via man-in-the-middle attacks. (CVE-2012-4529)
If multiple applications used the same custom authorization module class
name, and provided their own implementations of it, the first application
to be loaded would have its implementation used for all other applications
using the same custom authorization module class name. A local attacker
able to deploy applications could deploy a malicious application that provides implementations of
custom authorization modules that apply authorization rules supplied by the
attacker, which would then govern any later-loaded application using the same class name. (CVE-2012-4572)
XML encryption backwards compatibility attacks were found against various
frameworks, including Apache CXF. An attacker could force a server to use
insecure, legacy cryptosystems, even when secure cryptosystems were enabled
on endpoints. By forcing the use of legacy cryptosystems, flaws such as
CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be
recovered from cryptograms and symmetric keys. (CVE-2012-5575)
Note: Automatic checks to prevent CVE-2012-5575 are only run when
WS-SecurityPolicy is used to enforce security requirements, which is best
practice.
The data file used by PicketBox Vault to store encrypted passwords contains
a copy of its own admin key. The file is encrypted using only this admin
key, not the corresponding JKS key. A local attacker with permission to
read the vault data file could read the admin key from the file.
(CVE-2013-1921)
A session fixation flaw was found in the Tomcat FormAuthenticator module.
(CVE-2013-2067)
When a JGroups channel was started, the JGroups diagnostics service was
enabled by default over IP multicast with no authentication. An attacker on
an adjacent network could exploit this flaw to read diagnostics
information. (CVE-2013-2102)
Multiple denial of service flaws were found in the way the Apache CXF StAX
parser implementation processed certain XML files. A remote attacker could
provide a specially crafted XML file that, when processed, would lead to
excessive CPU and memory consumption. (CVE-2013-2160)
A flaw was found in the way Apache Santuario XML Security for Java
validated XML signatures. Santuario allowed a signature to specify an
arbitrary canonicalization algorithm, which would be applied to the
SignedInfo XML fragment. A remote attacker could exploit this to spoof an
XML signature, via a specially-crafted XML signature block. (CVE-2013-2172)
A flaw was found in JGroups' DiagnosticsHandler that allowed an attacker on
an adjacent network to reuse the credentials from a previous successful
authentication. This could be exploited to read diagnostic information and
attain limited remote code execution. (CVE-2013-4112)
A flaw was discovered in the way authenticated connections were cached on
the server by remote-naming. After a user has successfully logged in, a
remote attacker could use a remoting client to log in as that user without
knowing their password, allowing them to access data and perform actions
with the privileges of that user. (CVE-2013-4128)
A flaw was discovered in the way connections for remote EJB invocations via
the EJB client API were cached on the server. After a user has successfully
logged in, a remote attacker could use an EJB client to log in as that user
without knowing their password. (CVE-2013-4213)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Portal 6.1.0, which fixes multiple security\nissues and various bugs, is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "This Red Hat JBoss Portal 6.1.0 release serves as a replacement for\n6.0.0. Refer to the 6.1.0 Release Notes for further information, available\nshortly from https://access.redhat.com/knowledge/docs/\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the CSRF prevention filter in JBoss Web. A\nremote attacker could use this flaw to perform CSRF attacks against\napplications that rely on the CSRF prevention filter. (CVE-2012-4431)\n\nWhen applications used the COOKIE session tracking method, the jsessionid\nwould be appended as a query string parameter when processing the first\nrequest of a session. This could possibly lead to users\u0027 sessions being\nhijacked via man-in-the-middle attacks. (CVE-2012-4529)\n\nIf multiple applications used the same custom authorization module class\nname, and provided their own implementations of it, the first application\nto be loaded will have its implementation used for all other applications\nusing the same custom authorization module class name. 
A local attacker\ncould deploy a malicious application that provides implementations of\ncustom authorization modules that apply authorization rules supplied by the\nattacker. (CVE-2012-4572)\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements, which is best\npractice.\n\nThe data file used by PicketBox Vault to store encrypted passwords contains\na copy of its own admin key. The file is encrypted using only this admin\nkey, not the corresponding JKS key. A local attacker with permission to\nread the vault data file could read the admin key from the file.\n(CVE-2013-1921)\n\nA session fixation flaw was found in the Tomcat FormAuthenticator module.\n(CVE-2013-2067)\n\nWhen a JGroups channel was started, the JGroups diagnostics service was\nenabled by default with no authentication via IP multicast. An attacker on\nan adjacent network could exploit this flaw to read diagnostics\ninformation. (CVE-2013-2102)\n\nMultiple denial of service flaws were found in the way the Apache CXF StAX\nparser implementation processed certain XML files. A remote attacker could\nprovide a specially crafted XML file that, when processed, would lead to\nexcessive CPU and memory consumption. (CVE-2013-2160)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. 
A remote attacker could exploit this to spoof an\nXML signature, via a specially-crafted XML signature block. (CVE-2013-2172)\n\nA flaw was found in JGroup\u0027s DiagnosticsHandler that allowed an attacker on\nan adjacent network to reuse the credentials from a previous successful\nauthentication. This could be exploited to read diagnostic information and\nattain limited remote code execution. (CVE-2013-4112)\n\nA flaw was discovered in the way authenticated connections were cached on\nthe server by remote-naming. After a user has successfully logged in, a\nremote attacker could use a remoting client to log in as that user without\nknowing their password, allowing them to access data and perform actions\nwith the privileges of that user. (CVE-2013-4128)\n\nA flaw was discovered in the way connections for remote EJB invocations via\nthe EJB client API were cached on the server. After a user has successfully\nlogged in, a remote attacker could use an EJB client to log in as that user\nwithout knowing their password. (CVE-2013-4213)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:1437", "url": "https://access.redhat.com/errata/RHSA-2013:1437" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jbportal\u0026downloadType=distributions", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jbportal\u0026downloadType=distributions" }, { "category": "external", "summary": "868202", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=868202" }, { "category": "external", "summary": "872059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=872059" }, { "category": "external", "summary": "880443", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880443" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "929197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=929197" }, { "category": "external", "summary": "948106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948106" }, { "category": "external", "summary": "961779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=961779" }, { "category": "external", "summary": "963984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=963984" }, { "category": "external", "summary": "983489", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=983489" }, { "category": "external", "summary": "984795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=984795" }, { "category": "external", "summary": "985359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=985359" }, { "category": "external", "summary": "999263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1437.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Portal 6.1.0 update", "tracking": { "current_release_date": "2024-11-22T07:13:25+00:00", "generator": { "date": "2024-11-22T07:13:25+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:1437", "initial_release_date": "2013-10-16T16:45:00+00:00", "revision_history": [ { "date": "2013-10-16T16:45:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-10-16T16:53:32+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T07:13:25+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Portal Platform 6.1", "product": { "name": "Red Hat JBoss Portal Platform 6.1", "product_id": "Red Hat JBoss Portal Platform 6.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6.1.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Middleware" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": 
"org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", 
"remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-4529", "discovery_date": "2012-10-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "868202" } ], "notes": [ { "category": "description", "text": "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 
7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.", "title": "Vulnerability description" }, { "category": "summary", "text": "Web: jsessionid exposed via encoded url when using cookie based session tracking", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4529" }, { "category": "external", "summary": "RHBZ#868202", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=868202" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4529", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4529" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4529" } ], "release_date": "2012-10-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. 
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Web: jsessionid exposed via encoded url when using cookie based session tracking" }, { "acknowledgments": [ { "names": [ "Josef Cacek" ], "organization": "Red Hat JBoss EAP Quality Engineering team", "summary": "This issue was discovered by Red Hat." 
} ], "cve": "CVE-2012-4572", "discovery_date": "2012-10-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "872059" } ], "notes": [ { "category": "description", "text": "Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications\u0027 authorization decisions via a crafted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss: custom authorization module implementations shared between applications", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4572" }, { "category": "external", "summary": "RHBZ#872059", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=872059" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4572", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4572" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4572" } ], "release_date": "2013-05-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. 
Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JBoss: custom authorization module implementations shared between applications" }, { "acknowledgments": [ { "names": [ "Tibor Jager", "Kenneth G. 
Paterson", "Juraj Somorovsky" ], "organization": "Ruhr-University Bochum" } ], "cve": "CVE-2012-5575", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2012-11-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "880443" } ], "notes": [ { "category": "description", "text": "Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-cxf: XML encryption backwards compatibility attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5575" }, { "category": "external", "summary": "RHBZ#880443", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880443" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5575", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5575" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5575" }, { "category": "external", "summary": "http://cxf.apache.org/cve-2012-5575.html", "url": "http://cxf.apache.org/cve-2012-5575.html" }, { "category": "external", 
"summary": "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", "url": "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/" } ], "release_date": "2013-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.8, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "apache-cxf: XML encryption backwards compatibility attacks" }, { "cve": "CVE-2013-1921", "discovery_date": "2013-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "948106" } ], "notes": [ { "category": "description", "text": "PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file.", "title": "Vulnerability description" }, { "category": "summary", "text": "PicketBox: Insecure storage of masked passwords", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1921" }, { "category": "external", "summary": "RHBZ#948106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948106" }, { "category": "external", "summary": 
"https://www.cve.org/CVERecord?id=CVE-2013-1921", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1921" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1921", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1921" } ], "release_date": "2013-09-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "PicketBox: Insecure storage of masked passwords" }, { "cve": "CVE-2013-2067", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2013-05-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "961779" } ], "notes": [ { "category": "description", "text": "java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: Session fixation in form authenticator", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw allows an attacker to circumvent a session fixation prevention mechanism which was implemented in tomcat 5.5.x \u003e= 5.5.29, 6.0.x \u003e= 6.0.21 and 7.x. Earlier versions of tomcat do not include this mechanism, and are therefore not affected by this flaw. 
JBoss Web as included in JBoss 5.x products also does not include this mechanism, and is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2067" }, { "category": "external", "summary": "RHBZ#961779", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=961779" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2067", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2067" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2067" } ], "release_date": "2013-05-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: Session fixation in form authenticator" }, { "acknowledgments": [ { "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-2102", "discovery_date": "2013-05-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "963984" } ], "notes": [ { "category": "description", "text": "The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtain sensitive information (diagnostics) by accessing the service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Gatein: JGroups configurations enable diagnostics without authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2013-2102" }, { "category": "external", "summary": "RHBZ#963984", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=963984" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2102", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2102" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2102", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2102" } ], "release_date": "2013-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Gatein: JGroups configurations enable diagnostics without authentication" }, { "acknowledgments": [ { "names": [ "Andreas Falkenberg" ], "organization": "SEC Consult Deutschland GmbH" }, { "names": [ "Christian Mainka", "Juraj Somorovsky", "Joerg Schwenk" ], "organization": "Ruhr-University Bochum" } ], "cve": "CVE-2013-2160", "discovery_date": "2013-03-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "929197" } ], "notes": [ { "category": "description", "text": "The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via crafted XML with a large number of (1) elements, (2) attributes, (3) nested constructs, and possibly other vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-cxf: Multiple denial of service flaws in the StAX parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": 
"CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2160" }, { "category": "external", "summary": "RHBZ#929197", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=929197" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2160", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2160" }, { "category": "external", "summary": "http://cxf.apache.org/security-advisories.data/CVE-2013-2160.txt.asc", "url": "http://cxf.apache.org/security-advisories.data/CVE-2013-2160.txt.asc" } ], "release_date": "2013-06-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-cxf: Multiple denial of service flaws in the StAX parser" }, { "cve": "CVE-2013-2172", "cwe": { "id": "CWE-290", "name": "Authentication Bypass by Spoofing" }, "discovery_date": "2013-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "999263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. 
A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java: XML signature spoofing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2172" }, { "category": "external", "summary": "RHBZ#999263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2172", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172" }, { "category": "external", "summary": "http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc", "url": "http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc" } ], "release_date": "2013-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. 
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Java: XML signature spoofing" }, { "cve": "CVE-2013-4112", "discovery_date": "2013-07-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "983489" } ], "notes": [ { "category": "description", "text": "The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.", "title": "Vulnerability description" }, { "category": "summary", "text": "JGroups: Authentication via cached credentials", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated 
product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4112" }, { "category": "external", "summary": "RHBZ#983489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=983489" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4112", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4112" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4112", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4112" } ], "release_date": "2013-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JGroups: Authentication via cached credentials" }, { "acknowledgments": [ { "names": [ "Wolf-Dieter Fink" ], "organization": "Red Hat GSS Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-4128", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2013-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "984795" } ], "notes": [ { "category": "description", "text": "Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.", "title": "Vulnerability description" }, { "category": "summary", "text": "remote-naming: Session fixation due improper connection caching", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": 
"Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4128" }, { "category": "external", "summary": "RHBZ#984795", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=984795" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4128", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4128" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4128", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4128" } ], "release_date": "2013-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "remote-naming: Session fixation due improper connection caching" }, { "acknowledgments": [ { "names": [ "Wolf-Dieter Fink" ], "organization": "Red Hat GSS Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-4213", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2013-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "985359" } ], "notes": [ { "category": "description", "text": "Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client.", "title": "Vulnerability description" }, { "category": "summary", "text": "ejb-client: Session fixation due improper connection caching", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", 
"summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4213" }, { "category": "external", "summary": "RHBZ#985359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=985359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4213", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4213" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4213", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4213" } ], "release_date": "2013-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "ejb-client: Session fixation due improper connection caching" }, { "acknowledgments": [ { "names": [ "David Jorm" ], "organization": "Red Hat Product Security", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-6495", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2014-02-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1066794" } ], "notes": [ { "category": "description", "text": "JBossWeb Bayeux has reflected XSS", "title": "Vulnerability description" }, { "category": "summary", "text": "Bayeux: Reflected Cross-Site Scripting (XSS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat JBoss Enterprise Application Platform 6 prior to 6.1.1 and Red Hat JBoss Portal Platform 6 prior to 6.1.0 are affected by this flaw. 
All users of vulnerable versions are advised to update to 6.1.1 or later of Red Hat JBoss Enterprise Application Platform 6 and 6.1.0 or later of Red Hat JBoss Portal Platform 6", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Portal Platform 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-6495" }, { "category": "external", "summary": "RHBZ#1066794", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066794" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6495", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6495" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6495", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6495" } ], "release_date": "2014-07-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-10-16T16:45:00+00:00", "details": "Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; and\nAndreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka,\nJuraj Somorovsky, and Joerg Schwenk of Ruhr-University Bochum for reporting\nCVE-2013-2160. 
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat\nJBoss EAP Quality Engineering team; CVE-2013-4128 and CVE-2013-4213 were\ndiscovered by Wolf-Dieter Fink of the Red Hat GSS Team; and CVE-2013-2102\nwas discovered by Red Hat.\n\nAll users of Red Hat JBoss Portal 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss Portal 6.1.0.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up all\napplications deployed on JBoss Enterprise Portal Platform, along with all\ncustomized configuration files, and any databases and database settings.", "product_ids": [ "Red Hat JBoss Portal Platform 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1437" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Portal Platform 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Bayeux: Reflected Cross-Site Scripting (XSS)" } ] }
rhsa-2013_0266
Vulnerability from csaf_redhat
Published
2013-02-19 20:31
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: tomcat6 security update
Notes
Topic
Updated tomcat6 packages that fix multiple security issues are now
available for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise
Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Apache Tomcat is a servlet container.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter. A remote attacker could use this flaw to perform
CSRF attacks against applications that rely on the CSRF prevention filter
and do not contain internal mitigation for CSRF. (CVE-2012-4431)
A flaw was found in the way Tomcat handled sendfile operations when using
the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker
could use this flaw to cause a denial of service (infinite loop). The HTTP
NIO connector is used by default in JBoss Enterprise Web Server. The Apache
Portable Runtime (APR) connector from the Tomcat Native library was not
affected by this flaw. (CVE-2012-4534)
Multiple weaknesses were found in the Tomcat DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)
A denial of service flaw was found in the way the Tomcat HTTP NIO connector
enforced limits on the permitted size of request headers. A remote attacker
could use this flaw to trigger an OutOfMemoryError by sending a
specially-crafted request with very large headers. The HTTP NIO connector
is used by default in JBoss Enterprise Web Server. The APR connector from
the Tomcat Native library was not affected by this flaw. (CVE-2012-2733)
Warning: Before applying the update, back up your existing JBoss Enterprise
Web Server installation (including all applications and configuration
files).
Users of Tomcat should upgrade to these updated packages, which resolve
these issues. Tomcat must be restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated tomcat6 packages that fix multiple security issues are now\navailable for JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise\nLinux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using\nthe HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\ncould use this flaw to cause a denial of service (infinite loop). The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The Apache\nPortable Runtime (APR) connector from the Tomcat Native library was not\naffected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. 
(CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector\nenforced limits on the permitted size of request headers. A remote attacker\ncould use this flaw to trigger an OutOfMemoryError by sending a\nspecially-crafted request with very large headers. The HTTP NIO connector\nis used by default in JBoss Enterprise Web Server. The APR connector from\nthe Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve\nthese issues. Tomcat must be restarted for this update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0266", "url": "https://access.redhat.com/errata/RHSA-2013:0266" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html", "url": "http://tomcat.apache.org/security-6.html" }, { "category": "external", "summary": "873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "873695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873695" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "883637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883637" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0266.json" } ], "title": "Red Hat Security Advisory: tomcat6 security update", "tracking": { "current_release_date": "2024-11-22T06:40:34+00:00", "generator": { "date": "2024-11-22T06:40:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0266", "initial_release_date": "2013-02-19T20:31:00+00:00", "revision_history": [ { "date": "2013-02-19T20:31:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-02-19T22:12:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": 
"2024-11-22T06:40:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" }, { "branches": [ { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } 
}, { "category": "product_version", "name": "tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": 
"tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "product": { "name": "tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_id": "tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.35-6_patch_06.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": 
"pkg:rpm/redhat/tomcat6-el-1.0-api@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product": { "name": "tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", 
"product": { "name": "tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_id": "tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.35-29_patch_06.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "product": { "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "product_id": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.35-6_patch_06.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "product": { "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "product_id": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat6@6.0.35-29_patch_06.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src" }, "product_reference": "tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss 
Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", 
"full_product_name": { "name": "tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" 
}, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src" }, "product_reference": "tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": 
"tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": 
"6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" }, "product_reference": "tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-2733", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873695" } ], "notes": [ { "category": "description", "text": "java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: HTTP NIO connector OOM DoS via a request with large headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", 
"6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-2733" }, { "category": "external", "summary": "RHBZ#873695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873695" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-2733", "url": "https://www.cve.org/CVERecord?id=CVE-2012-2733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2733" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": 
"NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: HTTP NIO connector OOM DoS via a request with large headers" }, { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat 
Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", 
"6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": 
"NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-4534", "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883637" } ], "notes": [ { "category": "description", "text": 
"org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat - Denial Of Service when using NIO+SSL+sendfile", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", 
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4534" }, { "category": "external", "summary": "RHBZ#883637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883637" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4534", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4534" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4534", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4534" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": 
"NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat - Denial Of Service when using NIO+SSL+sendfile" }, { "cve": "CVE-2012-5885", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": 
"The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", 
"6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5885" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5885", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", 
"integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5886", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The 
HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", 
"6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5886" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5886", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", 
"integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5887", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The 
HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", 
"6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5887" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:31:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0266" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", 
"integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-0:6.0.35-6_patch_06.ep6.el5.src", "5Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-lib-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-log4j-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-6_patch_06.ep6.el5.noarch", "5Server-JBEWS-2:tomcat6-webapps-0:6.0.35-6_patch_06.ep6.el5.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-0:6.0.35-29_patch_06.ep6.el6.src", "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-el-1.0-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-lib-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-log4j-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.35-29_patch_06.ep6.el6.noarch", "6Server-JBEWS-2:tomcat6-webapps-0:6.0.35-29_patch_06.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" } ] }
rhsa-2013_0265
Vulnerability from csaf_redhat
Published
2013-02-19 20:29
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: tomcat6 security update
Notes
Topic
An update for the Apache Tomcat 6 component for JBoss Enterprise Web Server
2.0.0 that fixes multiple security issues is now available from the Red Hat
Customer Portal.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Apache Tomcat is a servlet container.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter. A remote attacker could use this flaw to perform
CSRF attacks against applications that rely on the CSRF prevention filter
and do not contain internal mitigation for CSRF. (CVE-2012-4431)
A flaw was found in the way Tomcat handled sendfile operations when using
the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker
could use this flaw to cause a denial of service (infinite loop). The HTTP
NIO connector is used by default in JBoss Enterprise Web Server. The Apache
Portable Runtime (APR) connector from the Tomcat Native library was not
affected by this flaw. (CVE-2012-4534)
Multiple weaknesses were found in the Tomcat DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)
A denial of service flaw was found in the way the Tomcat HTTP NIO connector
enforced limits on the permitted size of request headers. A remote attacker
could use this flaw to trigger an OutOfMemoryError by sending a
specially-crafted request with very large headers. The HTTP NIO connector
is used by default in JBoss Enterprise Web Server. The APR connector from
the Tomcat Native library was not affected by this flaw. (CVE-2012-2733)
Warning: Before applying the update, back up your existing JBoss Enterprise
Web Server installation (including all applications and configuration
files).
All users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat
Customer Portal are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the Apache Tomcat 6 component for JBoss Enterprise Web Server\n2.0.0 that fixes multiple security issues is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nA flaw was found in the way Tomcat handled sendfile operations when using\nthe HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker\ncould use this flaw to cause a denial of service (infinite loop). The HTTP\nNIO connector is used by default in JBoss Enterprise Web Server. The Apache\nPortable Runtime (APR) connector from the Tomcat Native library was not\naffected by this flaw. (CVE-2012-4534)\n\nMultiple weaknesses were found in the Tomcat DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. 
(CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nA denial of service flaw was found in the way the Tomcat HTTP NIO connector\nenforced limits on the permitted size of request headers. A remote attacker\ncould use this flaw to trigger an OutOfMemoryError by sending a\nspecially-crafted request with very large headers. The HTTP NIO connector\nis used by default in JBoss Enterprise Web Server. The APR connector from\nthe Tomcat Native library was not affected by this flaw. (CVE-2012-2733)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0265", "url": "https://access.redhat.com/errata/RHSA-2013:0265" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=webserver\u0026version=2.0.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=webserver\u0026version=2.0.0" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html", "url": "http://tomcat.apache.org/security-6.html" }, { "category": "external", "summary": "873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "873695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873695" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "883637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883637" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0265.json" } ], "title": "Red Hat Security Advisory: tomcat6 security update", "tracking": { "current_release_date": "2024-11-22T06:40:29+00:00", "generator": { "date": "2024-11-22T06:40:29+00:00", "engine": { "name": "Red Hat 
SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0265", "initial_release_date": "2013-02-19T20:29:00+00:00", "revision_history": [ { "date": "2013-02-19T20:29:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-02-19T20:29:31+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:40:29+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Web Server 2.0", "product": { "name": "Red Hat JBoss Web Server 2.0", "product_id": "Red Hat JBoss Web Server 2.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-2733", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873695" } ], "notes": [ { "category": "description", "text": "java/org/apache/coyote/http11/InternalNioInputBuffer.java in the HTTP NIO connector in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28 does not properly restrict the request-header size, which allows remote attackers to cause a denial of service (memory consumption) via a large amount of header data.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: HTTP NIO connector OOM DoS via a request with large headers", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": 
"Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-2733" }, { "category": "external", "summary": "RHBZ#873695", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873695" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-2733", "url": "https://www.cve.org/CVERecord?id=CVE-2012-2733" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2733", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2733" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: HTTP NIO connector OOM DoS via a request with large headers" }, { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass 
the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a 
download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-4534", "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883637" } ], "notes": [ { "category": "description", "text": "org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat - Denial Of Service when using NIO+SSL+sendfile", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2012-4534" }, { "category": "external", "summary": "RHBZ#883637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883637" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4534", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4534" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4534", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4534" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat - Denial Of Service when using NIO+SSL+sendfile" }, { "cve": "CVE-2012-5885", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and 
nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5885" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5885", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5886", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5886" }, { 
"category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5886", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5887", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access 
restrictions by sniffing the network for valid requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5887" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:29:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0265" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" } ] }
rhsa-2013_0268
Vulnerability from csaf_redhat
Published
2013-02-19 20:32
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: tomcat7 security update
Notes
Topic
Updated tomcat7 packages that fix one security issue are now available for
JBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
Apache Tomcat is a servlet container.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter. A remote attacker could use this flaw to perform
CSRF attacks against applications that rely on the CSRF prevention filter
and do not contain internal mitigation for CSRF. (CVE-2012-4431)
Warning: Before applying the update, back up your existing JBoss Enterprise
Web Server installation (including all applications and configuration
files).
Users of Tomcat should upgrade to these updated packages, which resolve
this issue. The fixed packages are backported builds (tomcat7-0:7.0.30-3_patch_02
for Red Hat Enterprise Linux 5 and tomcat7-0:7.0.30-5_patch_02 for Red Hat
Enterprise Linux 6), so their version string stays below the upstream fixed
release 7.0.32; confirm the fix by package release rather than by the Tomcat
version number alone. Tomcat must be restarted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated tomcat7 packages that fix one security issue are now available for\nJBoss Enterprise Web Server 2.0.0 for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nUsers of Tomcat should upgrade to these updated packages, which resolve\nthis issue. Tomcat must be restarted for this update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0268", "url": "https://access.redhat.com/errata/RHSA-2013:0268" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html", "url": "http://tomcat.apache.org/security-7.html" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0268.json" } ], "title": "Red Hat Security Advisory: tomcat7 security update", "tracking": { "current_release_date": "2024-11-22T06:40:42+00:00", "generator": { "date": "2024-11-22T06:40:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0268", "initial_release_date": "2013-02-19T20:32:00+00:00", "revision_history": [ { "date": "2013-02-19T20:32:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-02-19T22:12:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:40:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 
2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el5" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" }, { "branches": [ { "category": "product_version", "name": "tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } 
}, { "category": "product_version", "name": "tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-1.0-api@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_id": "tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "product": { "name": "tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", 
"product_id": "tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.30-3_patch_02.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": 
"pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-el-1.0-api@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "product": { "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_id": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.30-5_patch_02.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": 
"tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "product": { "name": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "product_id": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.30-3_patch_02.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "product": { "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "product_id": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/tomcat7@7.0.30-5_patch_02.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.src" }, "product_reference": "tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": 
"tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": 
"5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 5 Server", "product_id": "5Server-JBEWS-2:tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.src" }, "product_reference": "tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", 
"relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": 
"6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" }, { "category": "default_component_of", "full_product_name": { "name": "tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server", "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch" }, "product_reference": "tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEWS-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": 
"2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", 
"6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:32:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0268" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", 
"integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-0:7.0.30-3_patch_02.ep6.el5.src", "5Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-lib-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-log4j-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-3_patch_02.ep6.el5.noarch", "5Server-JBEWS-2:tomcat7-webapps-0:7.0.30-3_patch_02.ep6.el5.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-0:7.0.30-5_patch_02.ep6.el6.src", "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-el-1.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-lib-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-log4j-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.30-5_patch_02.ep6.el6.noarch", "6Server-JBEWS-2:tomcat7-webapps-0:7.0.30-5_patch_02.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" } ] }
rhsa-2013_0647
Vulnerability from csaf_redhat
Published
2013-03-14 16:46
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: jbossweb security update
Notes
Topic
Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1
that fix multiple security issues are now available for Red Hat Enterprise
Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise
Application Platform. It provides a single deployment platform for the
JavaServer Pages (JSP) and Java Servlet technologies.
It was found that the Cross-Site Request Forgery (CSRF) prevention filter
in JBoss Web could be bypassed by sending a request without a session
identifier to a protected resource; the corresponding upstream fix shipped
in Apache Tomcat 6.0.36 and 7.0.32. A remote attacker could use this flaw to
perform CSRF attacks against applications that rely solely on the CSRF
prevention filter and do not contain their own application-level CSRF
mitigation. (CVE-2012-4431)
Multiple weaknesses were found in the JBoss Web DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. Among them, the replay countermeasure tracked the
client nonce (cnonce) rather than the server nonce and nonce count
(CVE-2012-5885). A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)
Warning: Before applying this update, back up your existing JBoss
Enterprise Application Platform installation and deployed applications.
All users of JBoss Enterprise Application Platform 6.0.1 on Red Hat
Enterprise Linux 5 and 6 are advised to upgrade to these updated packages.
The JBoss server process must be restarted for the update to take effect.
Note that the machine-readable remediation entry in the CSAF record for this
advisory sets restart_required to "none", which conflicts with this
instruction; restarting is the conservative choice and should be performed
regardless of what automated tooling derived from that field reports.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated jbossweb packages for JBoss Enterprise Application Platform 6.0.1\nthat fix multiple security issues are now available for Red Hat Enterprise\nLinux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise\nApplication Platform. It provides a single deployment platform for the\nJavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw to\nperform CSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. 
(CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 on Red Hat\nEnterprise Linux 5 and 6 are advised to upgrade to these updated packages.\nThe JBoss server process must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0647", "url": "https://access.redhat.com/errata/RHSA-2013:0647" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0647.json" } ], "title": "Red Hat Security Advisory: jbossweb security update", "tracking": { "current_release_date": "2024-11-22T06:40:45+00:00", "generator": { "date": 
"2024-11-22T06:40:45+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0647", "initial_release_date": "2013-03-14T16:46:00+00:00", "revision_history": [ { "date": "2013-03-14T16:46:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-03-14T16:48:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:40:45+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5 Server", "product_id": "5Server-JBEAP-6", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5" } } }, { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6 Server", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6 Server", "product_id": "6Server-JBEAP-6", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product": { "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product_id": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb-lib@7.0.17-4.Final_redhat_3.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product_id": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "product_identification_helper": { 
"purl": "pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6.el5?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product": { "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product_id": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb-lib@7.0.17-4.Final_redhat_3.ep6.el6?arch=noarch" } } }, { "category": "product_version", "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product_id": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "product": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "product_id": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6.el5?arch=src" } } }, { "category": "product_version", "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "product": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "product_id": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbossweb@7.0.17-4.Final_redhat_3.ep6.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 5 Server", "product_id": "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch" }, "product_reference": 
"jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 5 Server", "product_id": "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src" }, "product_reference": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "relates_to_product_reference": "5Server-JBEAP-6" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 5 Server", "product_id": "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch" }, "product_reference": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "relates_to_product_reference": "5Server-JBEAP-6" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 6 Server", "product_id": "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" }, "product_reference": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 6 Server", "product_id": "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src" }, "product_reference": "jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "relates_to_product_reference": "6Server-JBEAP-6" }, { "category": "default_component_of", "full_product_name": { "name": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6 for RHEL 6 Server", "product_id": 
"6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" }, "product_reference": "jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "relates_to_product_reference": "6Server-JBEAP-6" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0647" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-5885", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) 
values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5885" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5885", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0647" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5886", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication 
via vectors related to the session ID.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5886" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5886", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0647" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5887", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote 
attackers to bypass intended access restrictions by sniffing the network for valid requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5887" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:46:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. 
Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0647" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "5Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5.src", "5Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el5.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch", "6Server-JBEAP-6:jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6.src", "6Server-JBEAP-6:jbossweb-lib-0:7.0.17-4.Final_redhat_3.ep6.el6.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" } ] }
rhsa-2013_1853
Vulnerability from csaf_redhat
Published
2013-12-17 18:30
Modified
2024-11-22 07:09
Summary
Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.0 update
Notes
Topic
Red Hat JBoss Operations Network 3.2.0, which fixes multiple security
issues and several bugs, is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
Red Hat JBoss Operations Network is a middleware management solution that
provides a single point of control to deploy, manage, and monitor JBoss
Enterprise Middleware, applications, and services.
This JBoss Operations Network 3.2.0 release serves as a replacement for
JBoss Operations Network 3.1.2, and includes several bug fixes. Refer to
the JBoss Operations Network 3.2.0 Release Notes for information on the
most significant of these changes. The Release Notes will be available
shortly from https://access.redhat.com/site/documentation/
The following security issues are also fixed with this release:
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter. A remote attacker could use this flaw to perform CSRF
attacks against applications that rely on the CSRF prevention filter and do
not contain internal mitigation for CSRF. (CVE-2012-4431)
The Jakarta Commons HttpClient component did not verify that the server
hostname matched the domain name in the subject's Common Name (CN) or
subjectAltName field in X.509 certificates. This could allow a
man-in-the-middle attacker to spoof an SSL server using any certificate that
was otherwise valid, even one issued for a different domain name, because the
expected hostname was never checked against it. (CVE-2012-5783)
A flaw was found in the way Apache Santuario XML Security for Java
validated XML signatures. Santuario allowed a signature to specify an
arbitrary canonicalization algorithm, which would be applied to the
SignedInfo XML fragment. A remote attacker could exploit this to spoof an
XML signature via a specially crafted XML signature block. (CVE-2013-2172)
Warning: Before applying the update, back up your existing JBoss Operations
Network installation (including its databases, applications, configuration
files, the JBoss Operations Network server's file system directory, and so
on).
All users of JBoss Operations Network 3.1.2 as provided from the Red Hat
Customer Portal are advised to upgrade to JBoss Operations Network 3.2.0.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Operations Network 3.2.0, which fixes multiple security\nissues and several bugs, is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Operations Network is a middleware management solution that\nprovides a single point of control to deploy, manage, and monitor JBoss\nEnterprise Middleware, applications, and services.\n\nThis JBoss Operations Network 3.2.0 release serves as a replacement for\nJBoss Operations Network 3.1.2, and includes several bug fixes. Refer to\nthe JBoss Operations Network 3.2.0 Release Notes for information on the\nmost significant of these changes. The Release Notes will be available\nshortly from https://access.redhat.com/site/documentation/\n\nThe following security issues are also fixed with this release:\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform CSRF\nattacks against applications that rely on the CSRF prevention filter and do\nnot contain internal mitigation for CSRF. 
(CVE-2012-4431)\n\nThe Jakarta Commons HttpClient component did not verify that the server\nhostname matched the domain name in the subject\u0027s Common Name (CN) or\nsubjectAltName field in X.509 certificates. This could allow a\nman-in-the-middle attacker to spoof an SSL server if they had a certificate\nthat was valid for any domain name. (CVE-2012-5783)\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially crafted XML signature block. (CVE-2013-2172)\n\nWarning: Before applying the update, back up your existing JBoss Operations\nNetwork installation (including its databases, applications, configuration\nfiles, the JBoss Operations Network server\u0027s file system directory, and so\non).\n\nAll users of JBoss Operations Network 3.1.2 as provided from the Red Hat\nCustomer Portal are advised to upgrade to JBoss Operations Network 3.2.0.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:1853", "url": "https://access.redhat.com/errata/RHSA-2013:1853" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=em\u0026version=3.2.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=em\u0026version=3.2.0" }, { "category": "external", "summary": "https://access.redhat.com/site/documentation/Red_Hat_JBoss_Operations_Network/", "url": "https://access.redhat.com/site/documentation/Red_Hat_JBoss_Operations_Network/" }, { "category": "external", "summary": "873317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873317" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "999263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1853.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Operations Network 3.2.0 update", "tracking": { "current_release_date": "2024-11-22T07:09:01+00:00", "generator": { "date": "2024-11-22T07:09:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } 
}, "id": "RHSA-2013:1853", "initial_release_date": "2013-12-17T18:30:00+00:00", "revision_history": [ { "date": "2013-12-17T18:30:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-02-20T12:45:41+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T07:09:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Operations Network 3.2", "product": { "name": "Red Hat JBoss Operations Network 3.2", "product_id": "Red Hat JBoss Operations Network 3.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_operations_network:3.2.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Operations Network" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are 
included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Operations Network 3.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-17T18:30:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying this update, back up your\nexisting JBoss Operations Network installation (including its databases,\napplications, configuration files, the JBoss Operations Network server\u0027s\nfile system directory, and so on).\n\nRefer to the JBoss Operations Network 3.2.0 Release Notes for\ninstallation information.", "product_ids": [ "Red Hat JBoss Operations Network 3.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1853" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Operations Network 3.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-5783", "discovery_date": "2012-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873317" } ], "notes": [ { "category": "description", "text": "It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "title": "Vulnerability description" }, { "category": "summary", "text": "jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", 
"title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Operations Network 3.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5783" }, { "category": "external", "summary": "RHBZ#873317", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873317" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5783", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5783" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5783", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5783" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-17T18:30:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Operations Network installation (including its databases,\napplications, configuration files, the JBoss Operations Network server\u0027s\nfile system directory, and so on).\n\nRefer to the JBoss Operations Network 3.2.0 Release Notes for\ninstallation information.", "product_ids": [ "Red Hat JBoss Operations Network 3.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1853" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss Operations Network 3.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name" }, { "cve": "CVE-2013-2172", "cwe": { "id": "CWE-290", "name": "Authentication Bypass by Spoofing" }, "discovery_date": "2013-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "999263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java: XML signature spoofing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Operations Network 3.2" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2172" }, { "category": "external", "summary": "RHBZ#999263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2172", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172" }, { "category": "external", "summary": 
"http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc", "url": "http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc" } ], "release_date": "2013-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-12-17T18:30:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Operations Network installation (including its databases,\napplications, configuration files, the JBoss Operations Network server\u0027s\nfile system directory, and so on).\n\nRefer to the JBoss Operations Network 3.2.0 Release Notes for\ninstallation information.", "product_ids": [ "Red Hat JBoss Operations Network 3.2" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:1853" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Operations Network 3.2" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Java: XML signature spoofing" } ] }
rhsa-2013_0267
Vulnerability from csaf_redhat
Published
2013-02-19 20:30
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: tomcat7 security update
Notes
Topic
An update for the Apache Tomcat 7 component for JBoss Enterprise Web Server
2.0.0 that fixes one security issue is now available from the Red Hat
Customer Portal.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
Apache Tomcat is a servlet container.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter. A remote attacker could use this flaw to perform
CSRF attacks against applications that rely on the CSRF prevention filter
and do not contain internal mitigation for CSRF. (CVE-2012-4431)
Warning: Before applying the update, back up your existing JBoss Enterprise
Web Server installation (including all applications and configuration
files).
All users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat
Customer Portal are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the Apache Tomcat 7 component for JBoss Enterprise Web Server\n2.0.0 that fixes one security issue is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", "title": "Topic" }, { "category": "general", "text": "Apache Tomcat is a servlet container.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter. A remote attacker could use this flaw to perform\nCSRF attacks against applications that rely on the CSRF prevention filter\nand do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nWarning: Before applying the update, back up your existing JBoss Enterprise\nWeb Server installation (including all applications and configuration\nfiles).\n\nAll users of JBoss Enterprise Web Server 2.0.0 as provided from the Red Hat\nCustomer Portal are advised to apply this update.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0267", "url": "https://access.redhat.com/errata/RHSA-2013:0267" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=webserver\u0026version=2.0.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=webserver\u0026version=2.0.0" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html", "url": "http://tomcat.apache.org/security-7.html" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0267.json" } ], "title": "Red Hat Security Advisory: tomcat7 security update", "tracking": { "current_release_date": "2024-11-22T06:40:38+00:00", "generator": { "date": "2024-11-22T06:40:38+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0267", "initial_release_date": "2013-02-19T20:30:00+00:00", "revision_history": [ { "date": "2013-02-19T20:30:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-02-19T22:12:51+00:00", "number": "2", "summary": "Last updated version" }, { "date": 
"2024-11-22T06:40:38+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Web Server 2.0", "product": { "name": "Red Hat JBoss Web Server 2.0", "product_id": "Red Hat JBoss Web Server 2.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Web Server" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Web Server 2.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": 
"https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-02-19T20:30:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting JBoss Enterprise Web Server installation (including all\napplications and configuration files).\n\nTomcat must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Web Server 2.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0267" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Web Server 2.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" } ] }
rhsa-2013_0648
Vulnerability from csaf_redhat
Published
2013-03-14 16:40
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: jbossweb security update
Notes
Topic
An update for JBoss Enterprise Application Platform 6.0.1, which fixes
multiple security issues, is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise
Application Platform. It provides a single deployment platform for the
JavaServer Pages (JSP) and Java Servlet technologies.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter in JBoss Web. A remote attacker could use this flaw to
perform CSRF attacks against applications that rely on the CSRF prevention
filter and do not contain internal mitigation for CSRF. (CVE-2012-4431)
Multiple weaknesses were found in the JBoss Web DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)
Warning: Before applying this update, back up your existing JBoss
Enterprise Application Platform installation and deployed applications.
All users of JBoss Enterprise Application Platform 6.0.1 as provided from
the Red Hat Customer Portal are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for JBoss Enterprise Application Platform 6.0.1 which fixes\nmultiple security issues is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise\nApplication Platform. It provides a single deployment platform for the\nJavaServer Pages (JSP) and Java Servlet technologies.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw to\nperform CSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. 
(CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nAll users of JBoss Enterprise Application Platform 6.0.1 as provided from\nthe Red Hat Customer Portal are advised to apply this update.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0648", "url": "https://access.redhat.com/errata/RHSA-2013:0648" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.0.1", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.0.1" }, { "category": "external", "summary": "873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0648.json" } ], "title": "Red Hat Security Advisory: jbossweb security update", "tracking": { "current_release_date": "2024-11-22T06:40:49+00:00", "generator": { "date": "2024-11-22T06:40:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0648", "initial_release_date": "2013-03-14T16:40:00+00:00", "revision_history": [ { "date": "2013-03-14T16:40:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-02-20T12:45:58+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:40:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 6.0", "product": { "name": "Red Hat JBoss Enterprise Application Platform 6.0", "product_id": "Red Hat JBoss Enterprise Application Platform 6.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.0.1" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { 
"category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:40:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.\n\nThe JBoss server process must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0648" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-5885", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { 
"fixed": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5885" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5885", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:40:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.\n\nThe JBoss server process must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0648" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5886", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 
5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5886" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5886", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:40:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.\n\nThe JBoss server process must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0648" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5887", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] }, "references": [ { 
"category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5887" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-14T16:40:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.\n\nThe JBoss server process must be restarted for this update to take effect.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 6.0" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0648" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss Enterprise Application Platform 6.0" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" } ] }
rhsa-2013_0665
Vulnerability from csaf_redhat
Published
2013-03-20 15:48
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: JBoss Data Grid 6.1.0 update
Notes
Topic
JBoss Data Grid 6.1.0, which fixes multiple security issues and various bugs
and adds enhancements, is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
JBoss Data Grid is a distributed in-memory data grid, based on Infinispan.
This release of JBoss Data Grid 6.1.0 serves as a replacement for JBoss
Data Grid 6.0.1. It includes various bug fixes and enhancements which are
detailed in the JBoss Data Grid 6.1.0 Release Notes. The Release Notes will
be available shortly from https://access.redhat.com/knowledge/docs/
This update also fixes the following security issues:
When using LDAP authentication with either the "ldap" configuration entry
or the provided LDAP login modules (LdapLoginModule/LdapExtLoginModule),
empty passwords were allowed by default. An attacker could use this flaw to
bypass intended authentication by providing an empty password for a valid
username, as the LDAP server may recognize this as an 'unauthenticated
authentication' (RFC 4513). This update sets the allowEmptyPasswords option
for the LDAP login modules to false if the option is not already
configured. (CVE-2012-5629)
Note: If you are using the "ldap" configuration entry and rely on empty
passwords, they will no longer work after applying this update. The
jboss-as-domain-management module, by default, will prevent empty
passwords. This cannot be configured; however, a future release may add a
configuration option to allow empty passwords when using the "ldap"
configuration entry.
It was found that sending a request without a session identifier to a
protected resource could bypass the Cross-Site Request Forgery (CSRF)
prevention filter in JBoss Web. A remote attacker could use this flaw to
perform CSRF attacks against applications that rely on the CSRF prevention
filter and do not contain internal mitigation for CSRF. (CVE-2012-4431)
Multiple weaknesses were found in the JBoss Web DIGEST authentication
implementation, effectively reducing the security normally provided by
DIGEST authentication. A remote attacker could use these flaws to perform
replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,
CVE-2012-5887)
Warning: Before applying this update, back up your existing JBoss Data Grid
installation.
All users of JBoss Data Grid 6.0.1 as provided from the Red Hat Customer
Portal are advised to upgrade to JBoss Data Grid 6.1.0.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "JBoss Data Grid 6.1.0, which fixes multiple security issues, various bugs,\nand adds enhancements, is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "JBoss Data Grid is a distributed in-memory data grid, based on Infinispan.\n\nThis release of JBoss Data Grid 6.1.0 serves as a replacement for JBoss\nData Grid 6.0.1. It includes various bug fixes and enhancements which are\ndetailed in the JBoss Data Grid 6.1.0 Release Notes. The Release Notes will\nbe available shortly from https://access.redhat.com/knowledge/docs/\n\nThis update also fixes the following security issues:\n\nWhen using LDAP authentication with either the \"ldap\" configuration entry\nor the provided LDAP login modules (LdapLoginModule/LdapExtLoginModule),\nempty passwords were allowed by default. An attacker could use this flaw to\nbypass intended authentication by providing an empty password for a valid\nusername, as the LDAP server may recognize this as an \u0027unauthenticated\nauthentication\u0027 (RFC 4513). This update sets the allowEmptyPasswords option\nfor the LDAP login modules to false if the option is not already\nconfigured. 
(CVE-2012-5629)\n\nNote: If you are using the \"ldap\" configuration entry and rely on empty\npasswords, they will no longer work after applying this update. The\njboss-as-domain-management module, by default, will prevent empty\npasswords. This cannot be configured; however, a future release may add a\nconfiguration option to allow empty passwords when using the \"ldap\"\nconfiguration entry.\n\nIt was found that sending a request without a session identifier to a\nprotected resource could bypass the Cross-Site Request Forgery (CSRF)\nprevention filter in JBoss Web. A remote attacker could use this flaw to\nperform CSRF attacks against applications that rely on the CSRF prevention\nfilter and do not contain internal mitigation for CSRF. (CVE-2012-4431)\n\nMultiple weaknesses were found in the JBoss Web DIGEST authentication\nimplementation, effectively reducing the security normally provided by\nDIGEST authentication. A remote attacker could use these flaws to perform\nreplay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886,\nCVE-2012-5887)\n\nWarning: Before applying this update, back up your existing JBoss Data Grid\ninstallation.\n\nAll users of JBoss Data Grid 6.0.1 as provided from the Red Hat Customer\nPortal are advised to upgrade to JBoss Data Grid 6.1.0.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0665", "url": "https://access.redhat.com/errata/RHSA-2013:0665" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://tools.ietf.org/html/rfc4513", "url": "http://tools.ietf.org/html/rfc4513" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html", "url": "http://tomcat.apache.org/security-6.html" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=distributions", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=distributions" }, { "category": "external", "summary": "https://access.redhat.com/knowledge/docs/", "url": "https://access.redhat.com/knowledge/docs/" }, { "category": "external", "summary": "873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "885569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=885569" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0665.json" } ], "title": "Red Hat Security Advisory: JBoss Data Grid 6.1.0 update", "tracking": { "current_release_date": 
"2024-11-22T06:40:53+00:00", "generator": { "date": "2024-11-22T06:40:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2013:0665", "initial_release_date": "2013-03-20T15:48:00+00:00", "revision_history": [ { "date": "2013-03-20T15:48:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-06-10T20:09:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T06:40:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "JBoss Data Grid 6.1", "product": { "name": "JBoss Data Grid 6.1", "product_id": "JBoss Data Grid 6.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_data_grid:6.1.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Data Grid" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4431", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2012-12-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "883636" } ], "notes": [ { "category": "description", "text": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "title": "Vulnerability description" }, { "category": "summary", "text": "Tomcat/JBoss Web - Bypass of CSRF prevention filter", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of tomcat5 as shipped with Red Hat Enterprise Linux 5 and tomcat6 as shipped with Red Hat Enterprise Linux 6 as they did not include the CSRF prevention filter.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this 
vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "JBoss Data Grid 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4431" }, { "category": "external", "summary": "RHBZ#883636", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=883636" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4431", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "category": "external", "summary": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36", "url": "http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.36" }, { "category": "external", "summary": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32", "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.32" } ], "release_date": "2012-12-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-20T15:48:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying this update, back up your\nexisting JBoss Data Grid installation.", "product_ids": [ "JBoss Data Grid 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0665" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "JBoss Data Grid 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Tomcat/JBoss Web - Bypass of CSRF prevention filter" }, { "cve": "CVE-2012-5629", "cwe": { "id": "CWE-305", "name": "Authentication Bypass by Primary Weakness" }, "discovery_date": "2012-12-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "885569" } ], "notes": [ { "category": "description", "text": "The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password.", "title": "Vulnerability description" }, { "category": "summary", "text": "JBoss: allows empty password to authenticate against LDAP", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "JBoss Data Grid 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5629" }, { "category": "external", "summary": "RHBZ#885569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=885569" }, { 
"category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5629", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5629" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5629", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5629" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-20T15:48:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Data Grid installation.", "product_ids": [ "JBoss Data Grid 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0665" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "JBoss Data Grid 6.1" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JBoss: allows empty password to authenticate against LDAP" }, { "cve": "CVE-2012-5885", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count) values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST 
authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "JBoss Data Grid 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5885" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5885", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5885" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-20T15:48:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). 
Before applying this update, back up your\nexisting JBoss Data Grid installation.", "product_ids": [ "JBoss Data Grid 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0665" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "JBoss Data Grid 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5886", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "JBoss Data Grid 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5886" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": 
"https://www.cve.org/CVERecord?id=CVE-2012-5886", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5886" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-20T15:48:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Data Grid installation.", "product_ids": [ "JBoss Data Grid 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0665" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "JBoss Data Grid 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" }, { "cve": "CVE-2012-5887", "discovery_date": "2012-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "873664" } ], "notes": [ { "category": "description", "text": "The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests.", "title": "Vulnerability description" }, { "category": "summary", "text": "tomcat: three DIGEST authentication implementation issues", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this 
vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "JBoss Data Grid 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5887" }, { "category": "external", "summary": "RHBZ#873664", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=873664" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5887" } ], "release_date": "2012-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-03-20T15:48:00+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Data Grid installation.", "product_ids": [ "JBoss Data Grid 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0665" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "JBoss Data Grid 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "tomcat: three DIGEST authentication implementation issues" } ] }
ghsa-76vr-72mv-mf3q
Vulnerability from github
Published
2022-05-17 00:57
Modified
2022-07-13 21:29
Summary
Cross-Site Request Forgery in Apache Tomcat
Details
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.apache.tomcat:tomcat" }, "ranges": [ { "events": [ { "introduced": "6.0.0" }, { "fixed": "6.0.36" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Maven", "name": "org.apache.tomcat:tomcat" }, "ranges": [ { "events": [ { "introduced": "7.0.0" }, { "fixed": "7.0.32" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2012-4431" ], "database_specific": { "cwe_ids": [ "CWE-352" ], "github_reviewed": true, "github_reviewed_at": "2022-07-13T21:29:42Z", "nvd_published_at": "2012-12-19T11:55:00Z", "severity": "MODERATE" }, "details": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "id": "GHSA-76vr-72mv-mf3q", "modified": "2022-07-13T21:29:42Z", "published": "2022-05-17T00:57:51Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4431" }, { "type": "PACKAGE", "url": "https://github.com/apache/tomcat" }, { "type": "WEB", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "type": "WEB", "url": 
"http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "type": "WEB", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-6.html" }, { "type": "WEB", "url": "http://tomcat.apache.org/security-7.html" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-1685-1" } ], "schema_version": "1.4.0", "severity": [], "summary": "Cross-Site Request Forgery in Apache Tomcat" }
gsd-2012-4431
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.
Aliases
{ "GSD": { "alias": "CVE-2012-4431", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "id": "GSD-2012-4431", "references": [ "https://www.suse.com/security/cve/CVE-2012-4431.html", "https://access.redhat.com/errata/RHSA-2013:1853", "https://access.redhat.com/errata/RHSA-2013:1437", "https://access.redhat.com/errata/RHSA-2013:0665", "https://access.redhat.com/errata/RHSA-2013:0648", "https://access.redhat.com/errata/RHSA-2013:0647", "https://access.redhat.com/errata/RHSA-2013:0268", "https://access.redhat.com/errata/RHSA-2013:0267", "https://access.redhat.com/errata/RHSA-2013:0266", "https://access.redhat.com/errata/RHSA-2013:0265" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2012-4431" ], "details": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "id": "GSD-2012-4431", "modified": "2023-12-13T01:20:15.300771Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4431", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote 
attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:18541", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" }, { "name": "SSRT101139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "20121204 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html" }, { "name": "openSUSE-SU-2013:0161", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "name": "USN-1685-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1685-1" }, { "name": "openSUSE-SU-2012:1700", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "name": "56814", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56814" }, { "name": "openSUSE-SU-2013:0192", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "name": "SSRT101182", "refsource": "HP", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "RHSA-2013:0268", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-7.html" }, { "name": "RHSA-2013:0648", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "name": "1027834", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027834" }, { "name": "RHSA-2013:1437", "refsource": "REDHAT", "url": 
"http://rhn.redhat.com/errata/RHSA-2013-1437.html" }, { "name": "HPSBMU02873", "refsource": "HP", "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0647", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-6.html" }, { "name": "57126", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/57126" }, { "name": "RHSA-2013:1853", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "name": "openSUSE-SU-2013:0147", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "RHSA-2013:0267", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "name": "HPSBUX02866", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "HPSBST02955", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "name": "openSUSE-SU-2012:1701", 
"refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[6.0.0,6.0.36),[7.0.0,7.0.32)", "affected_versions": "All versions starting from 6.0.0 before 6.0.36, all versions starting from 7.0.0 before 7.0.32", "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "cwe_ids": [ "CWE-1035", "CWE-264", "CWE-352", "CWE-937" ], "date": "2022-07-13", "description": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.", "fixed_versions": [ "6.0.36", "7.0.32" ], "identifier": "CVE-2012-4431", "identifiers": [ "GHSA-76vr-72mv-mf3q", "CVE-2012-4431" ], "not_impacted": "All versions before 6.0.0, all versions starting from 6.0.36 before 7.0.0, all versions starting from 7.0.32", "package_slug": "maven/org.apache.tomcat/tomcat", "pubdate": "2022-05-17", "solution": "Upgrade to versions 6.0.36, 7.0.32 or above.", "title": "Cross-Site Request Forgery (CSRF)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2012-4431", "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878", "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541", "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html", "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html", "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html", "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html", "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html", "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2", "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2", "http://rhn.redhat.com/errata/RHSA-2013-0267.html", "http://rhn.redhat.com/errata/RHSA-2013-0268.html", 
"http://rhn.redhat.com/errata/RHSA-2013-0647.html", "http://rhn.redhat.com/errata/RHSA-2013-0648.html", "http://rhn.redhat.com/errata/RHSA-2013-1853.html", "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088", "http://tomcat.apache.org/security-6.html", "http://tomcat.apache.org/security-7.html", "http://www.ubuntu.com/usn/USN-1685-1", "https://github.com/advisories/GHSA-76vr-72mv-mf3q" ], "uuid": "cba4d804-e612-4a6f-a7d9-e117dc7ab1f9" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.8:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.1:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.9:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.6:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.0:alpha:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4431" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-264" } ] } ] }, "references": { "reference_data": [ { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/filters/CsrfPreventionFilter.java?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1393088" }, { "name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/webapps/docs/changelog.xml?r1=1393088\u0026r2=1393087\u0026pathrev=1393088" }, { "name": "http://tomcat.apache.org/security-6.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://tomcat.apache.org/security-6.html" }, { "name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "tags": [ "Vendor 
Advisory" ], "url": "http://tomcat.apache.org/security-7.html" }, { "name": "20121204 CVE-2012-4431 Apache Tomcat Bypass of CSRF prevention filter", "refsource": "BUGTRAQ", "tags": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0045.html" }, { "name": "openSUSE-SU-2013:0161", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00051.html" }, { "name": "USN-1685-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-1685-1" }, { "name": "openSUSE-SU-2013:0192", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00080.html" }, { "name": "openSUSE-SU-2012:1700", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00089.html" }, { "name": "openSUSE-SU-2012:1701", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00090.html" }, { "name": "openSUSE-SU-2013:0147", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00037.html" }, { "name": "RHSA-2013:0268", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0268.html" }, { "name": "RHSA-2013:0267", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0267.html" }, { "name": "1027834", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id?1027834" }, { "name": "RHSA-2013:0647", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0647.html" }, { "name": "RHSA-2013:0648", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0648.html" }, { "name": "SSRT101182", "refsource": "HP", "tags": [], "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03748878" }, { "name": "RHSA-2013:1437", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html" }, { "name": 
"RHSA-2013:1853", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-1853.html" }, { "name": "HPSBST02955", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=139344343412337\u0026w=2" }, { "name": "57126", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/57126" }, { "name": "SSRT101139", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=136612293908376\u0026w=2" }, { "name": "56814", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/56814" }, { "name": "oval:org.mitre.oval:def:18541", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18541" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2017-09-19T01:35Z", "publishedDate": "2012-12-19T11:55Z" } } }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.