RHSA-2020:2563
Vulnerability from csaf_redhat
Published
2020-06-15 16:16
Modified
2024-11-22 15:10
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 14.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements.
Security Fix(es):
* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)
* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2563",
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
},
{
"category": "external",
"summary": "1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
"tracking": {
"current_release_date": "2024-11-22T15:10:53+00:00",
"generator": {
"date": "2024-11-22T15:10:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2563",
"initial_release_date": "2020-06-15T16:16:39+00:00",
"revision_history": [
{
"date": "2020-06-15T16:16:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:16:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T15:10:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP-CD 14 Tech Preview",
"product": {
"name": "EAP-CD 14 Tech Preview",
"product_id": "EAP-CD 14 Tech Preview",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7465",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2017-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1439980"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7465"
},
{
"category": "external",
"summary": "RHBZ#1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
}
],
"release_date": "2017-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
},
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat Product Security",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Katerina Novotna"
],
"organization": "Red Hat Quality Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7503",
"discovery_date": "2017-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1451960"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: XXE issue in TransformerFactory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7503"
},
{
"category": "external",
"summary": "RHBZ#1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
}
],
"release_date": "2017-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: XXE issue in TransformerFactory"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.