Vulnerability-Lookup

CVE-2015-0264 (GCVE-0-2015-0264)

Vulnerability from cvelistv5 – Published: 2015-06-03 20:00 – Updated: 2024-08-06 04:03

Summary

Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query.

Severity

No CVSS data available.

CWE

Assigner

redhat

References

8 references

URL	Tags
http://rhn.redhat.com/errata/RHSA-2015-1539.html	vendor-advisoryx_refsource_REDHAT
http://securitytracker.com/id/1032442	vdb-entryx_refsource_SECTRACK
https://git-wip-us.apache.org/repos/asf?p=camel.g…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-1041.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1538.html	vendor-advisoryx_refsource_REDHAT
https://camel.apache.org/security-advisories.data…	x_refsource_CONFIRM
https://lists.apache.org/thread.html/b4014ea7c583…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/2318d7f7d877…	mailing-listx_refsource_MLIST

Date Public

2015-03-02 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:03:10.739Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1539",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1539.html"
          },
          {
            "name": "1032442",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id/1032442"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da"
          },
          {
            "name": "RHSA-2015:1041",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1041.html"
          },
          {
            "name": "RHSA-2015:1538",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1538.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc"
          },
          {
            "name": "[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E"
          },
          {
            "name": "[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-24T10:06:04.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2015:1539",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1539.html"
        },
        {
          "name": "1032442",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id/1032442"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da"
        },
        {
          "name": "RHSA-2015:1041",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1041.html"
        },
        {
          "name": "RHSA-2015:1538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1538.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc"
        },
        {
          "name": "[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E"
        },
        {
          "name": "[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-0264",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1539",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1539.html"
            },
            {
              "name": "1032442",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id/1032442"
            },
            {
              "name": "https://git-wip-us.apache.org/repos/asf?p=camel.git;a=commitdiff;h=1df559649a96a1ca0368373387e542f46e4820da",
              "refsource": "CONFIRM",
              "url": "https://git-wip-us.apache.org/repos/asf?p=camel.git;a=commitdiff;h=1df559649a96a1ca0368373387e542f46e4820da"
            },
            {
              "name": "RHSA-2015:1041",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1041.html"
            },
            {
              "name": "RHSA-2015:1538",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1538.html"
            },
            {
              "name": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc",
              "refsource": "CONFIRM",
              "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc"
            },
            {
              "name": "[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E"
            },
            {
              "name": "[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-0264",
    "datePublished": "2015-06-03T20:00:00.000Z",
    "dateReserved": "2014-11-18T00:00:00.000Z",
    "dateUpdated": "2024-08-06T04:03:10.739Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2015-0264",
      "date": "2026-05-29",
      "epss": "0.02016",
      "percentile": "0.84021"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.13.3\", \"matchCriteriaId\": \"3E65DC32-33D4-46FB-97AD-0ACF0DDF6E00\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:camel:2.14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF8F319C-1212-4787-A1E8-15D576527EF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:camel:2.14.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17E12D85-196F-4723-A4EC-7DC900087AC5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de entidad externa XML (XXE) en builder/xml/XPathBuilder.java en Apache Camel anterior a 2.13.4 y 2.14.x anterior a 2.14.2 permiten a atacantes remotos leer ficheros arbitrarios a trav\\u00e9s de una entidad externa en un objeto XML (1) String o (2) GenericFile inv\\u00e1lido en una consulta XPath.\"}]",
      "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e",
      "id": "CVE-2015-0264",
      "lastModified": "2024-11-21T02:22:41.013",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-06-03T20:59:04.403",
      "references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1041.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1538.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1539.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://securitytracker.com/id/1032442\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1041.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1538.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-1539.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id/1032442\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-0264\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2015-06-03T20:59:04.403\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary files via an external entity in an invalid XML (1) String or (2) GenericFile object in an XPath query.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de entidad externa XML (XXE) en builder/xml/XPathBuilder.java en Apache Camel anterior a 2.13.4 y 2.14.x anterior a 2.14.2 permiten a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de una entidad externa en un objeto XML (1) String o (2) GenericFile inv\u00e1lido en una consulta XPath.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.13.3\",\"matchCriteriaId\":\"3E65DC32-33D4-46FB-97AD-0ACF0DDF6E00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:camel:2.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF8F319C-1212-4787-A1E8-15D576527EF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:camel:2.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E12D85-196F-4723-A4EC-7DC900087AC5\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1041.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1538.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1539.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id/1032442\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1538.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1539.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id/1032442\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://git-wip-us.apache.org/repos/asf?p=camel.git%3Ba=commitdiff%3Bh=1df559649a96a1ca0368373387e542f46e4820da\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/611.html\\\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e\"}}"
  }
}

RHSA-2015_1539

Vulnerability from csaf_redhat - Published: 2015-08-03 19:41 - Updated: 2024-11-22 09:21

Summary

Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.1.2 update

Severity

Moderate

Notes

Topic: Red Hat JBoss BPM Suite 6.1.2, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.1.2 serves as a replacement for Red Hat JBoss BPM Suite 6.1.0, and includes bug fixes and enhancements, which are documented in the README.txt file included with the patch files. The following security issues are also fixed with this release: It was found that Apache Camel's XML converter performed XML External Entity (XXE) expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0263) It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0264) A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity (XXE) and Server-Side Request Forgery (SSRF) attacks. (CVE-2015-1818) Red Hat would like to thank David Jorm of IIX Product Security for reporting the CVE-2015-1818 issue. All users of Red Hat JBoss BPM Suite 6.1.0 as provided from the Red Hat Customer Portal are advised to upgrade to Red Hat JBoss BPM Suite 6.1.2.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2015-0263

It was found that Apache Camel's XML converter performed XML External Entity (XXE) expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss BPMS 6.0 Red Hat / Red Hat Process Automation Manager	`cpe:/a:redhat:jboss_bpms:6.0`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-0264

It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss BPMS 6.0 Red Hat / Red Hat Process Automation Manager	`cpe:/a:redhat:jboss_bpms:6.0`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-1818

A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity (XXE) and Server-Side Request Forgery (SSRF) attacks.

4.3 ()


                        
                          AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss BPMS 6.0 Red Hat / Red Hat Process Automation Manager	`cpe:/a:redhat:jboss_bpms:6.0`	—	Vendor Fix fix

Threats

Impact Moderate

References

21 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:1539	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/jbossnetwork/restricted…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1201714	external
https://bugzilla.redhat.com/show_bug.cgi?id=1203341	external
https://bugzilla.redhat.com/show_bug.cgi?id=1203344	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-0263	self
https://bugzilla.redhat.com/show_bug.cgi?id=1203344	external
https://www.cve.org/CVERecord?id=CVE-2015-0263	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0263	external
https://camel.apache.org/security-advisories.data…	external
https://access.redhat.com/security/cve/CVE-2015-0264	self
https://bugzilla.redhat.com/show_bug.cgi?id=1203341	external
https://www.cve.org/CVERecord?id=CVE-2015-0264	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0264	external
https://camel.apache.org/security-advisories.data…	external
https://access.redhat.com/security/cve/CVE-2015-1818	self
https://bugzilla.redhat.com/show_bug.cgi?id=1201714	external
https://www.cve.org/CVERecord?id=CVE-2015-1818	external
https://nvd.nist.gov/vuln/detail/CVE-2015-1818	external

Acknowledgments

IIX Product Security David Jorm

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat JBoss BPM Suite 6.1.2, which fixes three security issues, several\nbugs, and adds various enhancements, is now available from the Red Hat\nCustomer Portal.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss BPM Suite is a business rules and processes management system\nfor the management, storage, creation, modification, and deployment of\nJBoss rules and BPMN2-compliant business processes.\n\nThis release of Red Hat JBoss BPM Suite 6.1.2 serves as a replacement for\nRed Hat JBoss BPM Suite 6.1.0, and includes bug fixes and enhancements,\nwhich are documented in the README.txt file included with the patch files.\n\nThe following security issues are also fixed with this release:\n\nIt was found that Apache Camel\u0027s XML converter performed XML External\nEntity (XXE) expansion. A remote attacker able to submit an SAXSource\ncontaining an XXE declaration could use this flaw to read files accessible\nto the user running the application server, and potentially perform other\nmore advanced XXE attacks. (CVE-2015-0263)\n\nIt was found that Apache Camel performed XML External Entity (XXE)\nexpansion when evaluating invalid XML Strings or invalid XML GenericFile\nobjects. A remote attacker able to submit a crafted XML message could use\nthis flaw to read files accessible to the user running the application\nserver, and potentially perform other more advanced XXE attacks.\n(CVE-2015-0264)\n\nA flaw was found in the dashbuilder import facility: the DocumentBuilders\ninstantiated in org.jboss.dashboard.export.ImportManagerImpl did not\ndisable external entities. This could allow an attacker to perform a\nvariety of XML External Entity (XXE) and Server-Side Request Forgery (SSRF)\nattacks. (CVE-2015-1818)\n\nRed Hat would like to thank David Jorm of IIX Product Security for\nreporting the CVE-2015-1818 issue.\n\nAll users of Red Hat JBoss BPM Suite 6.1.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss BPM Suite 6.1.2.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:1539",
        "url": "https://access.redhat.com/errata/RHSA-2015:1539"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=securityPatches\u0026version=6.1.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=securityPatches\u0026version=6.1.0"
      },
      {
        "category": "external",
        "summary": "1201714",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201714"
      },
      {
        "category": "external",
        "summary": "1203341",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203341"
      },
      {
        "category": "external",
        "summary": "1203344",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203344"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1539.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.1.2 update",
    "tracking": {
      "current_release_date": "2024-11-22T09:21:46+00:00",
      "generator": {
        "date": "2024-11-22T09:21:46+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:1539",
      "initial_release_date": "2015-08-03T19:41:04+00:00",
      "revision_history": [
        {
          "date": "2015-08-03T19:41:04+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-02-20T12:35:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T09:21:46+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss BPMS 6.0",
                "product": {
                  "name": "Red Hat JBoss BPMS 6.0",
                  "product_id": "Red Hat JBoss BPMS 6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_bpms:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Process Automation Manager"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-0263",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2015-03-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1203344"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s XML converter performed XML External Entity (XXE) expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Camel: XXE in via SAXSource expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss BPMS 6.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "RHBZ#1203344",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203344"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0263",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0263",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2015-0263.txt.asc",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0263.txt.asc"
        }
      ],
      "release_date": "2015-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-03T19:41:04+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss BPMS 6.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1539"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss BPMS 6.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Camel: XXE in via SAXSource expansion"
    },
    {
      "cve": "CVE-2015-0264",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2015-03-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1203341"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Camel: XXE via XPath expression evaluation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss BPMS 6.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "RHBZ#1203341",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203341"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0264",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0264",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc"
        }
      ],
      "release_date": "2015-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-03T19:41:04+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss BPMS 6.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1539"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss BPMS 6.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Camel: XXE via XPath expression evaluation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "David Jorm"
          ],
          "organization": "IIX Product Security"
        }
      ],
      "cve": "CVE-2015-1818",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2015-03-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1201714"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the dashbuilder import facility: the DocumentBuilders instantiated in org.jboss.dashboard.export.ImportManagerImpl did not disable external entities. This could allow an attacker to perform a variety of XML External Entity (XXE) and Server-Side Request Forgery (SSRF) attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "dashbuilder: XXE/SSRF vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss BPMS 6.0"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-1818"
        },
        {
          "category": "external",
          "summary": "RHBZ#1201714",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201714"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-1818",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-1818"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-1818",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1818"
        }
      ],
      "release_date": "2015-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-08-03T19:41:04+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss BPMS 6.0"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:1539"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss BPMS 6.0"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "dashbuilder: XXE/SSRF vulnerability"
    }
  ]
}

RHSA-2015_2558

Vulnerability from csaf_redhat - Published: 2015-12-07 20:46 - Updated: 2024-11-22 09:21

Summary

Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.2.1 update

Severity

Important

Notes

Topic: Red Hat JBoss Fuse Service Works 6.2.1, which fixes three security issues and various bugs, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details: Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This release of Red Hat JBoss Fuse Service Works 6.2.1 serves as a replacement for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files. The following security issues are fixed with this release: A flaw was discovered that when an application uses Groovy (has it on the classpath) and uses the standard Java serialization mechanism, an attacker can bake a special serialized object that executes code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability. (CVE-2015-3253) It was found that Apache Camel's XML converter performed XML External Entity (XXE) expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0263) It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks. (CVE-2015-0264) All users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the Red Hat Customer Portal are advised to apply this security update.

CVE-2015-0263

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss Fuse Service Works 6.2 Red Hat / Red Hat JBoss Fuse Service Works	`cpe:/a:redhat:jboss_fuse_service_works:6.2`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-0264

5.0 ()


                        
                          AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-611 - Improper Restriction of XML External Entity Reference

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss Fuse Service Works 6.2 Red Hat / Red Hat JBoss Fuse Service Works	`cpe:/a:redhat:jboss_fuse_service_works:6.2`	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2015-3253

A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.

9.6 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE-284 - Improper Access Control

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Red Hat JBoss Fuse Service Works 6.2 Red Hat / Red Hat JBoss Fuse Service Works	`cpe:/a:redhat:jboss_fuse_service_works:6.2`	—	Vendor Fix fix Workaround

Threats

Impact Important

References

22 references

URL	Category
https://access.redhat.com/errata/RHSA-2015:2558	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/jbossnetwork/restricted…	external
https://bugzilla.redhat.com/show_bug.cgi?id=1203341	external
https://bugzilla.redhat.com/show_bug.cgi?id=1203344	external
https://bugzilla.redhat.com/show_bug.cgi?id=1243934	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2015-0263	self
https://bugzilla.redhat.com/show_bug.cgi?id=1203344	external
https://www.cve.org/CVERecord?id=CVE-2015-0263	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0263	external
https://camel.apache.org/security-advisories.data…	external
https://access.redhat.com/security/cve/CVE-2015-0264	self
https://bugzilla.redhat.com/show_bug.cgi?id=1203341	external
https://www.cve.org/CVERecord?id=CVE-2015-0264	external
https://nvd.nist.gov/vuln/detail/CVE-2015-0264	external
https://camel.apache.org/security-advisories.data…	external
https://access.redhat.com/security/cve/CVE-2015-3253	self
https://bugzilla.redhat.com/show_bug.cgi?id=1243934	external
https://www.cve.org/CVERecord?id=CVE-2015-3253	external
https://nvd.nist.gov/vuln/detail/CVE-2015-3253	external
http://seclists.org/oss-sec/2015/q3/121	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat JBoss Fuse Service Works 6.2.1, which fixes three security issues\nand various bugs, is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse Service Works is the next-generation ESB and business\nprocess automation infrastructure.\n\nThis release of Red Hat JBoss Fuse Service Works 6.2.1 serves as a\nreplacement for Red Hat JBoss Fuse Service Works 6.0.0. It includes various\nbug fixes, which are listed in the README file included with the patch\nfiles.\n\nThe following security issues are fixed with this release:\n\nA flaw was discovered that when an application uses Groovy (has it on the\nclasspath) and uses the standard Java serialization mechanism, an attacker\ncan bake a special serialized object that executes code directly when\ndeserialized. All applications which rely on serialization and do not\nisolate the code which deserializes objects are subject to this\nvulnerability. (CVE-2015-3253)\n\nIt was found that Apache Camel\u0027s XML converter performed XML External\nEntity (XXE) expansion. A remote attacker able to submit an SAXSource\ncontaining an XXE declaration could use this flaw to read files accessible\nto the user running the application server, and potentially perform other\nmore advanced XXE attacks. (CVE-2015-0263)\n\nIt was found that Apache Camel performed XML External Entity (XXE)\nexpansion when evaluating invalid XML Strings or invalid XML GenericFile\nobjects. A remote attacker able to submit a crafted XML message could use\nthis flaw to read files accessible to the user running the application\nserver, and potentially perform other more advanced XXE attacks.\n(CVE-2015-0264)\n\nAll users of Red Hat JBoss Fuse Service Works 6.0.0 as provided from the\nRed Hat Customer Portal are advised to apply this security update.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2015:2558",
        "url": "https://access.redhat.com/errata/RHSA-2015:2558"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse.serviceworks\u0026downloadType=distributions\u0026version=6.2.1",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse.serviceworks\u0026downloadType=distributions\u0026version=6.2.1"
      },
      {
        "category": "external",
        "summary": "1203341",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203341"
      },
      {
        "category": "external",
        "summary": "1203344",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203344"
      },
      {
        "category": "external",
        "summary": "1243934",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243934"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2558.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse Service Works 6.2.1 update",
    "tracking": {
      "current_release_date": "2024-11-22T09:21:53+00:00",
      "generator": {
        "date": "2024-11-22T09:21:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2015:2558",
      "initial_release_date": "2015-12-07T20:46:48+00:00",
      "revision_history": [
        {
          "date": "2015-12-07T20:46:48+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-02-20T12:38:27+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T09:21:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse Service Works 6.2",
                "product": {
                  "name": "Red Hat JBoss Fuse Service Works 6.2",
                  "product_id": "Red Hat JBoss Fuse Service Works 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse_service_works:6.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse Service Works"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-0263",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2015-03-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1203344"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s XML converter performed XML External Entity (XXE) expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Camel: XXE in via SAXSource expansion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Fuse Service Works 6.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "RHBZ#1203344",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203344"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0263",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0263",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0263"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2015-0263.txt.asc",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0263.txt.asc"
        }
      ],
      "release_date": "2015-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-07T20:46:48+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the updates). Before applying the updates, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2558"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Camel: XXE in via SAXSource expansion"
    },
    {
      "cve": "CVE-2015-0264",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2015-03-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1203341"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Camel: XXE via XPath expression evaluation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Fuse Service Works 6.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "RHBZ#1203341",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1203341"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0264",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0264",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0264"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc"
        }
      ],
      "release_date": "2015-03-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-07T20:46:48+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the updates). Before applying the updates, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2558"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Camel: XXE via XPath expression evaluation"
    },
    {
      "cve": "CVE-2015-3253",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "discovery_date": "2015-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1243934"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in the way applications using Groovy used the standard Java serialization mechanism. A remote attacker could use a specially crafted serialized object that would execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects are subject to this vulnerability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "groovy: remote execution of untrusted code in class MethodClosure",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Fuse Service Works 6.2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-3253"
        },
        {
          "category": "external",
          "summary": "RHBZ#1243934",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243934"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-3253",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-3253"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3253"
        },
        {
          "category": "external",
          "summary": "http://seclists.org/oss-sec/2015/q3/121",
          "url": "http://seclists.org/oss-sec/2015/q3/121"
        }
      ],
      "release_date": "2015-07-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2015-12-07T20:46:48+00:00",
          "details": "The References section of this erratum contains a download link (you must\nlog in to download the updates). Before applying the updates, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing\nthe update, restart the server by starting the JBoss Application Server\nprocess.",
          "product_ids": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2015:2558"
        },
        {
          "category": "workaround",
          "details": "Apply the following patch on the MethodClosure class (src/main/org/codehaus/groovy/runtime/MethodClosure.java):\n\n    public class MethodClosure extends Closure {\n        +    private Object readResolve() {\n        +        throw new UnsupportedOperationException();\n        +    \n        }\n\nAlternatively, you should make sure to use a custom security policy file (using the standard Java security manager) or make sure that you do not rely on serialization to communicate remotely.",
          "product_ids": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Fuse Service Works 6.2"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "groovy: remote execution of untrusted code in class MethodClosure"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-0264 (GCVE-0-2015-0264)

RHSA-2015_1539

RHSA-2015_2558

Tags

Sightings

Nomenclature