cvelistv5 - cve-2010-1871

CVE-2010-1871 (GCVE-0-2010-1871)

Vulnerability from cvelistv5 – Published: 2010-08-04 19:00 – Updated: 2025-10-22 00:05

CISA

Summary

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

URL

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2021-12-10

Due date: 2022-06-10

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2010-1871

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:35:53.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41994",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/41994"
          },
          {
            "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
          },
          {
            "name": "1024253",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024253"
          },
          {
            "name": "ADV-2010-1929",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1929"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
          },
          {
            "name": "seam-expressions-code-execution(60794)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
          },
          {
            "name": "RHSA-2010:0564",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2010-1871",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T19:33:04.339981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-12-10",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-917",
                "description": "CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:51.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-12-10T00:00:00+00:00",
            "value": "CVE-2010-1871 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-09T10:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "41994",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/41994"
        },
        {
          "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
        },
        {
          "name": "1024253",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024253"
        },
        {
          "name": "ADV-2010-1929",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1929"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
        },
        {
          "name": "seam-expressions-code-execution(60794)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
        },
        {
          "name": "RHSA-2010:0564",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1871",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41994",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/41994"
            },
            {
              "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
            },
            {
              "name": "1024253",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024253"
            },
            {
              "name": "ADV-2010-1929",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1929"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=615956",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
            },
            {
              "name": "seam-expressions-code-execution(60794)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
            },
            {
              "name": "RHSA-2010:0564",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20161017-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1871",
    "datePublished": "2010-08-04T19:00:00.000Z",
    "dateReserved": "2010-05-10T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:51.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2010-1871",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2021-12-10",
      "dueDate": "2022-06-10",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871",
      "product": "JBoss Seam 2",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.",
      "vendorProject": "Red Hat",
      "vulnerabilityName": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-06-10",
      "cisaExploitAdd": "2021-12-10",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E82B2AD8-967D-4ABE-982B-87B9DE73F8D6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA2C244C-82F6-49BC-B7F7-54AB989C43E8\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*\", \"matchCriteriaId\": \"95B173E0-1475-4F8D-A982-86F36BE3DD4A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.\"}, {\"lang\": \"es\", \"value\": \"JBoss Seam 2 (jboss-seam2), como el usado en JBoss Enterprise Application Platform v4.3.0 para Red Hat Linux, no sanea adecuadamente las entradas de de la expresiones de Expression LanguageJBoss Expression Language (EL), lo que permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n a trav\\u00e9s de URL manipuladas. NOTA: Solo se da esta vulnerabilidad cuando el Java Security Manager no est\\u00e1 configurado adecuadamente. \\r\\n\\r\\n\\r\\n\"}]",
      "id": "CVE-2010-1871",
      "lastModified": "2024-12-19T17:52:39.207",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2010-08-05T13:23:09.477",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0564.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/41994\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1024253\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1929\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0564.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/41994\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1024253\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/1929\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-917\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-1871\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-08-05T13:23:09.477\",\"lastModified\":\"2025-10-22T01:15:36.810\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.\"},{\"lang\":\"es\",\"value\":\"JBoss Seam 2 (jboss-seam2), como el usado en JBoss Enterprise Application Platform v4.3.0 para Red Hat Linux, no sanea adecuadamente las entradas de de la expresiones de Expression LanguageJBoss Expression Language (EL), lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de URL manipuladas. NOTA: Solo se da esta vulnerabilidad cuando el Java Security Manager no est\u00e1 configurado adecuadamente. \\r\\n\\r\\n\\r\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2021-12-10\",\"cisaActionDue\":\"2022-06-10\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-917\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E82B2AD8-967D-4ABE-982B-87B9DE73F8D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA2C244C-82F6-49BC-B7F7-54AB989C43E8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*\",\"matchCriteriaId\":\"95B173E0-1475-4F8D-A982-86F36BE3DD4A\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0564.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/41994\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1024253\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1929\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=615956\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20161017-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0564.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/41994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1024253\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1929\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=615956\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20161017-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"n/a\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2010-07-19T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"n/a\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2017-11-09T10:57:01.000Z\", \"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\"}, \"references\": [{\"name\": \"41994\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"], \"url\": \"http://www.securityfocus.com/bid/41994\"}, {\"name\": \"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"], \"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\"}, {\"name\": \"1024253\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"], \"url\": \"http://www.securitytracker.com/id?1024253\"}, {\"name\": \"ADV-2010-1929\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"], \"url\": \"http://www.vupen.com/english/advisories/2010/1929\"}, {\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\"}, {\"name\": \"seam-expressions-code-execution(60794)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"], \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\"}, {\"name\": \"RHSA-2010:0564\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"], \"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0564.html\"}, {\"tags\": [\"x_refsource_CONFIRM\"], \"url\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"cve@mitre.org\", \"ID\": \"CVE-2010-1871\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"n/a\", \"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"41994\", \"refsource\": \"BID\", \"url\": \"http://www.securityfocus.com/bid/41994\"}, {\"name\": \"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)\", \"refsource\": \"BUGTRAQ\", \"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\"}, {\"name\": \"1024253\", \"refsource\": \"SECTRACK\", \"url\": \"http://www.securitytracker.com/id?1024253\"}, {\"name\": \"ADV-2010-1929\", \"refsource\": \"VUPEN\", \"url\": \"http://www.vupen.com/english/advisories/2010/1929\"}, {\"name\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\", \"refsource\": \"CONFIRM\", \"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\"}, {\"name\": \"seam-expressions-code-execution(60794)\", \"refsource\": \"XF\", \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\"}, {\"name\": \"RHSA-2010:0564\", \"refsource\": \"REDHAT\", \"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0564.html\"}, {\"name\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\", \"refsource\": \"CONFIRM\", \"url\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T01:35:53.728Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"name\": \"41994\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"], \"url\": \"http://www.securityfocus.com/bid/41994\"}, {\"name\": \"20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"], \"url\": \"http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html\"}, {\"name\": \"1024253\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"], \"url\": \"http://www.securitytracker.com/id?1024253\"}, {\"name\": \"ADV-2010-1929\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"], \"url\": \"http://www.vupen.com/english/advisories/2010/1929\"}, {\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=615956\"}, {\"name\": \"seam-expressions-code-execution(60794)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"], \"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/60794\"}, {\"name\": \"RHSA-2010:0564\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"], \"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0564.html\"}, {\"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"], \"url\": \"https://security.netapp.com/advisory/ntap-20161017-0001/\"}]}, {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2010-1871\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T19:33:04.339981Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-12-10\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-917\", \"description\": \"CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement (\u0027Expression Language Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T19:32:54.979Z\"}, \"timeline\": [{\"time\": \"2021-12-10T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2010-1871 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
      "cveMetadata": "{\"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"assignerShortName\": \"mitre\", \"cveId\": \"CVE-2010-1871\", \"datePublished\": \"2010-08-04T19:00:00.000Z\", \"dateReserved\": \"2010-05-10T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T20:04:23.968Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2010-1871

Vulnerability from fkie_nvd - Published: 2010-08-05 13:23 - Updated: 2025-10-22 01:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html	Broken Link
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2010-0564.html	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/41994	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.securitytracker.com/id?1024253	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2010/1929	Broken Link, Vendor Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=615956	Issue Tracking
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/60794	Third Party Advisory, VDB Entry
cve@mitre.org	https://security.netapp.com/advisory/ntap-20161017-0001/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0564.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41994	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024253	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1929	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=615956	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/60794	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20161017-0001/	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871

Impacted products

Vendor	Product	Version
redhat	jboss_enterprise_application_platform	4.3.0
redhat	enterprise_linux	4
redhat	enterprise_linux	5
netapp	oncommand_balance	-
netapp	oncommand_insight	-
netapp	oncommand_unified_manager	-

JSON

To clipboard

{
  "cisaActionDue": "2022-06-10",
  "cisaExploitAdd": "2021-12-10",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82B2AD8-967D-4ABE-982B-87B9DE73F8D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA2C244C-82F6-49BC-B7F7-54AB989C43E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*",
              "matchCriteriaId": "95B173E0-1475-4F8D-A982-86F36BE3DD4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."
    },
    {
      "lang": "es",
      "value": "JBoss Seam 2 (jboss-seam2), como el usado en JBoss Enterprise Application Platform v4.3.0 para Red Hat Linux, no sanea adecuadamente las entradas de de la expresiones de Expression LanguageJBoss Expression Language (EL), lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de URL manipuladas. NOTA: Solo se da esta vulnerabilidad cuando el Java Security Manager no est\u00e1 configurado adecuadamente. \r\n\r\n\r\n"
    }
  ],
  "id": "CVE-2010-1871",
  "lastModified": "2025-10-22T01:15:36.810",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2010-08-05T13:23:09.477",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/41994"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024253"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1929"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/41994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024253"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-917"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-917"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

RHSA-2010_0564

Vulnerability from csaf_redhat - Published: 2010-07-27 12:51 - Updated: 2024-11-22 03:35

Summary

Red Hat Security Advisory: jboss-seam2 security update

Notes

Topic

Updated jboss-seam2 packages that fix one security issue are now available for JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. [Updated 28 July 2010] The CVE-2010-1871 description has been updated to reflect that an attacker does not need to be authenticated to exploit this issue. No changes have been made to the packages.

Details

The JBoss Seam Framework is an application framework for building web applications in Java. An input sanitization flaw was found in the way JBoss Seam processed certain parametrized JBoss Expression Language (EL) expressions. A remote attacker could use this flaw to execute arbitrary code via a URL, containing appended, specially-crafted expression language parameters, provided to certain applications based on the JBoss Seam framework. Note: A properly configured and enabled Java Security Manager would prevent exploitation of this flaw. (CVE-2010-1871) Red Hat would like to thank Meder Kydyraliev of the Google Security Team for responsibly reporting this issue. Users of jboss-seam2 should upgrade to these updated packages, which contain a backported patch to correct this issue. The JBoss server process must be restarted for this update to take effect.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated jboss-seam2 packages that fix one security issue are now available\nfor JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux\n4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\n[Updated 28 July 2010]\nThe CVE-2010-1871 description has been updated to reflect that an attacker\ndoes not need to be authenticated to exploit this issue. No changes have\nbeen made to the packages.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The JBoss Seam Framework is an application framework for building web\napplications in Java.\n\nAn input sanitization flaw was found in the way JBoss Seam processed\ncertain parametrized JBoss Expression Language (EL) expressions. A remote\nattacker could use this flaw to execute arbitrary code via a URL,\ncontaining appended, specially-crafted expression language parameters,\nprovided to certain applications based on the JBoss Seam framework. Note: A\nproperly configured and enabled Java Security Manager would prevent\nexploitation of this flaw. (CVE-2010-1871)\n\nRed Hat would like to thank Meder Kydyraliev of the Google Security Team\nfor responsibly reporting this issue.\n\nUsers of jboss-seam2 should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. The JBoss server process\nmust be restarted for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2010:0564",
        "url": "https://access.redhat.com/errata/RHSA-2010:0564"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "615956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0564.json"
      }
    ],
    "title": "Red Hat Security Advisory: jboss-seam2 security update",
    "tracking": {
      "current_release_date": "2024-11-22T03:35:16+00:00",
      "generator": {
        "date": "2024-11-22T03:35:16+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2010:0564",
      "initial_release_date": "2010-07-27T12:51:00+00:00",
      "revision_history": [
        {
          "date": "2010-07-27T12:51:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2010-07-28T09:20:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T03:35:16+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
                  "product_id": "4AS-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
                  "product_id": "4ES-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
                  "product_id": "5Server-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el4?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                "product": {
                  "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.24.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                "product": {
                  "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.24.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Meder Kydyraliev"
          ],
          "organization": "Google Security Team"
        }
      ],
      "cve": "CVE-2010-1871",
      "discovery_date": "2010-07-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "615956"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Seam2: Improper sanitization of parametrized JBoss EL expressions (ACE)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
          "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
          "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
          "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
          "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "RHBZ#615956",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1871",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2010-07-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-07-27T12:51:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
            "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0564"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
            "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2021-12-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Seam2: Improper sanitization of parametrized JBoss EL expressions (ACE)"
    }
  ]
}

RHSA-2010:0564

Vulnerability from csaf_redhat - Published: 2010-07-27 12:51 - Updated: 2025-11-21 17:36

Summary

Red Hat Security Advisory: jboss-seam2 security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated jboss-seam2 packages that fix one security issue are now available\nfor JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux\n4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\n[Updated 28 July 2010]\nThe CVE-2010-1871 description has been updated to reflect that an attacker\ndoes not need to be authenticated to exploit this issue. No changes have\nbeen made to the packages.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The JBoss Seam Framework is an application framework for building web\napplications in Java.\n\nAn input sanitization flaw was found in the way JBoss Seam processed\ncertain parametrized JBoss Expression Language (EL) expressions. A remote\nattacker could use this flaw to execute arbitrary code via a URL,\ncontaining appended, specially-crafted expression language parameters,\nprovided to certain applications based on the JBoss Seam framework. Note: A\nproperly configured and enabled Java Security Manager would prevent\nexploitation of this flaw. (CVE-2010-1871)\n\nRed Hat would like to thank Meder Kydyraliev of the Google Security Team\nfor responsibly reporting this issue.\n\nUsers of jboss-seam2 should upgrade to these updated packages, which\ncontain a backported patch to correct this issue. The JBoss server process\nmust be restarted for this update to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2010:0564",
        "url": "https://access.redhat.com/errata/RHSA-2010:0564"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "615956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0564.json"
      }
    ],
    "title": "Red Hat Security Advisory: jboss-seam2 security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:36:23+00:00",
      "generator": {
        "date": "2025-11-21T17:36:23+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2010:0564",
      "initial_release_date": "2010-07-27T12:51:00+00:00",
      "revision_history": [
        {
          "date": "2010-07-27T12:51:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2010-07-28T09:20:30+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:36:23+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
                  "product_id": "4AS-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
                  "product_id": "4ES-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
                  "product_id": "5Server-JBEAP-4.3.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el4?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                "product": {
                  "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.24.el4?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                "product": {
                  "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_id": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2@2.0.2.FP-1.ep1.24.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                "product": {
                  "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_id": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-seam2-docs@2.0.2.FP-1.ep1.24.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 AS",
          "product_id": "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4AS-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 4 ES",
          "product_id": "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
        "relates_to_product_reference": "4ES-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src"
        },
        "product_reference": "jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 4.3.0 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
        },
        "product_reference": "jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-4.3.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Meder Kydyraliev"
          ],
          "organization": "Google Security Team"
        }
      ],
      "cve": "CVE-2010-1871",
      "discovery_date": "2010-07-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "615956"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Seam2: Improper sanitization of parametrized JBoss EL expressions (ACE)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
          "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
          "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
          "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
          "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
          "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "RHBZ#615956",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1871",
          "url": "https://www.cve.org/CVERecord?id=CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2010-07-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2010-07-27T12:51:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
            "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2010:0564"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "products": [
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4AS-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4AS-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "4ES-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el4.src",
            "4ES-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el4.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.noarch",
            "5Server-JBEAP-4.3.0:jboss-seam2-0:2.0.2.FP-1.ep1.24.el5.src",
            "5Server-JBEAP-4.3.0:jboss-seam2-docs-0:2.0.2.FP-1.ep1.24.el5.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2021-12-10T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Seam2: Improper sanitization of parametrized JBoss EL expressions (ACE)"
    }
  ]
}

GHSA-R6FV-QMRC-3H24

Vulnerability from github – Published: 2022-05-17 00:25 – Updated: 2025-10-22 03:30

Details

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-1871"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-917"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-08-05T13:23:00Z",
    "severity": "MODERATE"
  },
  "details": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.",
  "id": "GHSA-r6fv-qmrc-3h24",
  "modified": "2025-10-22T03:30:28Z",
  "published": "2022-05-17T00:25:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1871"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20161017-0001"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1871"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/41994"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024253"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1929"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2010-1871

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-1871

Aliases

CVE-2010-1871

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-1871",
    "description": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.",
    "id": "GSD-2010-1871",
    "references": [
      "https://access.redhat.com/errata/RHSA-2010:0564",
      "https://packetstormsecurity.com/files/cve/CVE-2010-1871"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-1871"
      ],
      "details": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured.",
      "id": "GSD-2010-1871",
      "modified": "2023-12-13T01:21:32.968644Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2010-1871",
      "dateAdded": "2021-12-10",
      "dueDate": "2022-06-10",
      "product": "JBoss Seam 2",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured.",
      "vendorProject": "Red Hat",
      "vulnerabilityName": "Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-1871",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "41994",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/41994"
          },
          {
            "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)",
            "refsource": "BUGTRAQ",
            "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
          },
          {
            "name": "1024253",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1024253"
          },
          {
            "name": "ADV-2010-1929",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/1929"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=615956",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
          },
          {
            "name": "seam-expressions-code-execution(60794)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
          },
          {
            "name": "RHSA-2010:0564",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20161017-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1871"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language (EL) expressions, which allows remote attackers to execute arbitrary code via a crafted URL.  NOTE: this is only a vulnerability when the Java Security Manager is not properly configured."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1024253",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1024253"
            },
            {
              "name": "41994",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/41994"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=615956",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=615956"
            },
            {
              "name": "ADV-2010-1929",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1929"
            },
            {
              "name": "RHSA-2010:0564",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0564.html"
            },
            {
              "name": "20130528 CA20130528-01: Security Notice for CA Process Automation (CA PAM)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2013-05/0117.html"
            },
            {
              "name": "seam-expressions-code-execution(60794)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60794"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20161017-0001/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20161017-0001/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-11-10T02:29Z",
      "publishedDate": "2010-08-05T13:23Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-1871 (GCVE-0-2010-1871)

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

FKIE_CVE-2010-1871

RHSA-2010_0564

RHSA-2010:0564

GHSA-R6FV-QMRC-3H24

GSD-2010-1871

Tags

Sightings

Nomenclature