cvelistv5 - cve-2017-5656

CVE-2017-5656 (GCVE-0-2017-5656)

Vulnerability from cvelistv5 – Published: 2017-04-18 16:00 – Updated: 2024-08-05 15:11

Summary

Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.

Severity ?

No CVSS data available.

CWE

Apache CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens.

Assigner

apache

References

URL

	Vendor	Product	Version
	Apache Software Foundation	Apache CXF	Affected: 3.1.x before 3.1.11 Affected: versions before 3.0.13

RHSA-2017:1832

Vulnerability from csaf_redhat - Published: 2017-08-10 23:03 - Updated: 2025-11-21 18:01

Summary

Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update

Notes

Topic

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Security Fix(es): * It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. (CVE-2017-2589) * It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user's private information. (CVE-2015-6644) * It was found that Apache Camel's camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues. (CVE-2016-8749) * It was found that Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded / to a request an attacker may be able to bypass a security constraint. (CVE-2016-9879) * It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio's root. (CVE-2017-2594) * It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is not using a constant time MAC signature comparison algorithm which may be exploited by some sophisticated timing attacks. It may only affect OAuth2 Hawk, JWT access tokens, or JOSE JWS/JWE interceptors which depend on HMAC secret key algorithms. (CVE-2017-3156) * It was found that Apache Camel's validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas (XSD) is executed. Remote attackers can use this feature to make Server-Side Request Forgery (SSRF) attacks by sending XML documents with remote DTDs URLs or XML External Entities (XXE). (CVE-2017-5643) * It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encryption, where it does not enforce the message to be signed/encrypted. This could allow an attacker to subvert the integrity of the message. (CVE-2017-5653) * It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user. (CVE-2017-5656) * It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains. (CVE-2017-5929) * It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type 'void'. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957) The CVE-2017-2589 issue was discovered by Adam Willard (Blue Canopy) and Dennis Reed (Red Hat) and the CVE-2017-2594 issue was discovered by Hooman Broujerdi (Red Hat).

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. (CVE-2017-2589)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that Apache Camel\u0027s camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues. (CVE-2016-8749)\n\n* It was found that Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded / to a request an attacker may be able to bypass a security constraint. (CVE-2016-9879)\n\n* It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio\u0027s root. (CVE-2017-2594)\n\n* It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is not using a constant time MAC signature comparison algorithm which may be exploited by some sophisticated timing attacks. It may only affect OAuth2 Hawk, JWT access tokens, or JOSE JWS/JWE interceptors which depend on HMAC secret key algorithms. (CVE-2017-3156)\n\n* It was found that Apache Camel\u0027s validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas (XSD) is executed. Remote attackers can use this feature to make Server-Side Request Forgery (SSRF) attacks by sending XML documents with remote DTDs URLs or XML External Entities (XXE). (CVE-2017-5643)\n\n* It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encryption, where it does not enforce the message to be signed/encrypted. This could allow an attacker to subvert the integrity of the message. (CVE-2017-5653)\n\n* It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user. (CVE-2017-5656)\n\n* It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains. (CVE-2017-5929)\n\n* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)\n\nThe CVE-2017-2589 issue was discovered by Adam Willard (Blue Canopy) and Dennis Reed (Red Hat) and the CVE-2017-2594 issue was discovered by Hooman Broujerdi (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1832",
        "url": "https://access.redhat.com/errata/RHSA-2017:1832"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq\u0026version=6.3.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq\u0026version=6.3.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/"
      },
      {
        "category": "external",
        "summary": "1409838",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409838"
      },
      {
        "category": "external",
        "summary": "1413905",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413905"
      },
      {
        "category": "external",
        "summary": "1415543",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415543"
      },
      {
        "category": "external",
        "summary": "1420832",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420832"
      },
      {
        "category": "external",
        "summary": "1425455",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425455"
      },
      {
        "category": "external",
        "summary": "1432858",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858"
      },
      {
        "category": "external",
        "summary": "1433374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433374"
      },
      {
        "category": "external",
        "summary": "1441538",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
      },
      {
        "category": "external",
        "summary": "1444015",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
      },
      {
        "category": "external",
        "summary": "1445327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445327"
      },
      {
        "category": "external",
        "summary": "1445329",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1832.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T18:01:26+00:00",
      "generator": {
        "date": "2025-11-21T18:01:26+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2017:1832",
      "initial_release_date": "2017-08-10T23:03:00+00:00",
      "revision_history": [
        {
          "date": "2017-08-10T23:03:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-15T01:47:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T18:01:26+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.3",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.3",
                  "product_id": "Red Hat JBoss A-MQ 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.3",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.3",
                  "product_id": "Red Hat JBoss Fuse 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-6644",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1444015"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: Information disclosure in GCMBlockCipher",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-6644"
        },
        {
          "category": "external",
          "summary": "RHBZ#1444015",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
        }
      ],
      "release_date": "2016-01-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: Information disclosure in GCMBlockCipher"
    },
    {
      "cve": "CVE-2016-8749",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-02-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1420832"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. Camel allows such a type through the \u0027CamelJacksonUnmarshalType\u0027 property. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "camel-jacksonxml: Unmarshalling operation are vulnerable to RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "RHBZ#1420832",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420832"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8749",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8749",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "http://camel.apache.org/security-advisories.data/CVE-2016-8749.txt.asc",
          "url": "http://camel.apache.org/security-advisories.data/CVE-2016-8749.txt.asc"
        }
      ],
      "release_date": "2016-12-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "camel-jacksonxml: Unmarshalling operation are vulnerable to RCE"
    },
    {
      "cve": "CVE-2016-9879",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2016-12-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1409838"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded / to a request an attacker may be able to bypass a security constraint.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Security: Improper handling of path parameters allows bypassing the security constraint",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "RHBZ#1409838",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409838"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9879",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9879",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "https://pivotal.io/security/cve-2016-9879",
          "url": "https://pivotal.io/security/cve-2016-9879"
        }
      ],
      "release_date": "2016-12-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        },
        {
          "category": "workaround",
          "details": "Use a Servlet container known not to include path parameters in the return values for getServletPath() and getPathInfo()",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Security: Improper handling of path parameters allows bypassing the security constraint"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adam Willard"
          ],
          "organization": "Blue Canopy"
        },
        {
          "names": [
            "Dennis Reed"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2589",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "discovery_date": "2017-01-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1413905"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hawtio: Proxy is sharing cookies among all the clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2589"
        },
        {
          "category": "external",
          "summary": "RHBZ#1413905",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413905"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2589"
        }
      ],
      "release_date": "2017-07-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "hawtio: Proxy is sharing cookies among all the clients"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Hooman Broujerdi"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2594",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2017-01-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1415543"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio\u0027s root.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hawtio: information Disclosure flaws due to unsafe path traversal",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2594"
        },
        {
          "category": "external",
          "summary": "RHBZ#1415543",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415543"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2594",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2594"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2594",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2594"
        }
      ],
      "release_date": "2017-01-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "hawtio: information Disclosure flaws due to unsafe path traversal"
    },
    {
      "cve": "CVE-2017-3156",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-02-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1425455"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is not using a constant time MAC signature comparison algorithm which may be exploited by some sophisticated timing attacks. It may only affect OAuth2 Hawk or JWT access tokens or JOSE JWS/JWE interceptors which depend on HMAC secret key algorithms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "RHBZ#1425455",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425455"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3156",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3156",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "https://cxf.apache.org/security-advisories.data/CVE-2017-3156.txt.asc",
          "url": "https://cxf.apache.org/security-advisories.data/CVE-2017-3156.txt.asc"
        }
      ],
      "release_date": "2017-02-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks"
    },
    {
      "cve": "CVE-2017-5643",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2017-03-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1433374"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas (XSD) is executed. Remote attackers can use this feature to make Server-Side Request Forgery (SSRF) attacks by sending XML documents with remote DTDs URLs or XML External Entities (XXE). The vulnerability is not given for SAX or StAX sources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "camel-core: Validation component vulnerable to SSRF via remote DTDs and XXE",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "RHBZ#1433374",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433374"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5643",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5643",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2017-5643.txt",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2017-5643.txt"
        }
      ],
      "release_date": "2017-02-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "camel-core: Validation component vulnerable to SSRF via remote DTDs and XXE"
    },
    {
      "cve": "CVE-2017-5653",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445327"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encryption, where it does not enforce the message to be signed/encrypted. This could allow an attacker to subvert the integrity of the message.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445327",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445327"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5653",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5653",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5653.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5653.txt.asc"
        }
      ],
      "release_date": "2017-03-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted"
    },
    {
      "cve": "CVE-2017-5656",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445329"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445329",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5656",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc"
        }
      ],
      "release_date": "2017-04-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens"
    },
    {
      "cve": "CVE-2017-5929",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-03-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1432858"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability  applies to logback-classic and logback-core.There is no documented evidence in the official upstream  advisory that logback-json-core is affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5929"
        },
        {
          "category": "external",
          "summary": "RHBZ#1432858",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5929",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929"
        }
      ],
      "release_date": "2017-02-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver"
    },
    {
      "cve": "CVE-2017-7957",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441538"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "XStream: DoS when unmarshalling void type",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441538",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7957",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "http://x-stream.github.io/CVE-2017-7957.html",
          "url": "http://x-stream.github.io/CVE-2017-7957.html"
        }
      ],
      "release_date": "2017-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "XStream: DoS when unmarshalling void type"
    }
  ]
}

RHSA-2017_1832

Vulnerability from csaf_redhat - Published: 2017-08-10 23:03 - Updated: 2024-11-22 11:10

Summary

Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. (CVE-2017-2589)\n\n* It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information. (CVE-2015-6644)\n\n* It was found that Apache Camel\u0027s camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues. (CVE-2016-8749)\n\n* It was found that Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded / to a request an attacker may be able to bypass a security constraint. (CVE-2016-9879)\n\n* It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio\u0027s root. (CVE-2017-2594)\n\n* It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is not using a constant time MAC signature comparison algorithm which may be exploited by some sophisticated timing attacks. It may only affect OAuth2 Hawk, JWT access tokens, or JOSE JWS/JWE interceptors which depend on HMAC secret key algorithms. (CVE-2017-3156)\n\n* It was found that Apache Camel\u0027s validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas (XSD) is executed. Remote attackers can use this feature to make Server-Side Request Forgery (SSRF) attacks by sending XML documents with remote DTDs URLs or XML External Entities (XXE). (CVE-2017-5643)\n\n* It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encryption, where it does not enforce the message to be signed/encrypted. This could allow an attacker to subvert the integrity of the message. (CVE-2017-5653)\n\n* It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user. (CVE-2017-5656)\n\n* It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains. (CVE-2017-5929)\n\n* It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system. (CVE-2017-7957)\n\nThe CVE-2017-2589 issue was discovered by Adam Willard (Blue Canopy) and Dennis Reed (Red Hat) and the CVE-2017-2594 issue was discovered by Hooman Broujerdi (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1832",
        "url": "https://access.redhat.com/errata/RHSA-2017:1832"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq\u0026version=6.3.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq\u0026version=6.3.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/"
      },
      {
        "category": "external",
        "summary": "1409838",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409838"
      },
      {
        "category": "external",
        "summary": "1413905",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413905"
      },
      {
        "category": "external",
        "summary": "1415543",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415543"
      },
      {
        "category": "external",
        "summary": "1420832",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420832"
      },
      {
        "category": "external",
        "summary": "1425455",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425455"
      },
      {
        "category": "external",
        "summary": "1432858",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858"
      },
      {
        "category": "external",
        "summary": "1433374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433374"
      },
      {
        "category": "external",
        "summary": "1441538",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
      },
      {
        "category": "external",
        "summary": "1444015",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
      },
      {
        "category": "external",
        "summary": "1445327",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445327"
      },
      {
        "category": "external",
        "summary": "1445329",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1832.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R4 security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T11:10:23+00:00",
      "generator": {
        "date": "2024-11-22T11:10:23+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2017:1832",
      "initial_release_date": "2017-08-10T23:03:00+00:00",
      "revision_history": [
        {
          "date": "2017-08-10T23:03:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-15T01:47:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:10:23+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.3",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.3",
                  "product_id": "Red Hat JBoss A-MQ 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.3",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.3",
                  "product_id": "Red Hat JBoss Fuse 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-6644",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1444015"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that an information disclosure flaw in Bouncy Castle could enable a local malicious application to gain access to user\u0027s private information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "bouncycastle: Information disclosure in GCMBlockCipher",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2015-6644"
        },
        {
          "category": "external",
          "summary": "RHBZ#1444015",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444015"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2015-6644",
          "url": "https://www.cve.org/CVERecord?id=CVE-2015-6644"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6644"
        }
      ],
      "release_date": "2016-01-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "bouncycastle: Information disclosure in GCMBlockCipher"
    },
    {
      "cve": "CVE-2016-8749",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-02-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1420832"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s camel-jackson and camel-jacksonxml components are vulnerable to Java object de-serialisation vulnerability. Camel allows such a type through the \u0027CamelJacksonUnmarshalType\u0027 property. De-serializing untrusted data can lead to security flaws as demonstrated in various similar reports about Java de-serialization issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "camel-jacksonxml: Unmarshalling operation are vulnerable to RCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "RHBZ#1420832",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420832"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8749",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8749",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8749"
        },
        {
          "category": "external",
          "summary": "http://camel.apache.org/security-advisories.data/CVE-2016-8749.txt.asc",
          "url": "http://camel.apache.org/security-advisories.data/CVE-2016-8749.txt.asc"
        }
      ],
      "release_date": "2016-12-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "camel-jacksonxml: Unmarshalling operation are vulnerable to RCE"
    },
    {
      "cve": "CVE-2016-9879",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2016-12-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1409838"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded / to a request an attacker may be able to bypass a security constraint.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Security: Improper handling of path parameters allows bypassing the security constraint",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "RHBZ#1409838",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1409838"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9879",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9879",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9879"
        },
        {
          "category": "external",
          "summary": "https://pivotal.io/security/cve-2016-9879",
          "url": "https://pivotal.io/security/cve-2016-9879"
        }
      ],
      "release_date": "2016-12-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        },
        {
          "category": "workaround",
          "details": "Use a Servlet container known not to include path parameters in the return values for getServletPath() and getPathInfo()",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "Security: Improper handling of path parameters allows bypassing the security constraint"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Adam Willard"
          ],
          "organization": "Blue Canopy"
        },
        {
          "names": [
            "Dennis Reed"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2589",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "discovery_date": "2017-01-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1413905"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hawtio: Proxy is sharing cookies among all the clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2589"
        },
        {
          "category": "external",
          "summary": "RHBZ#1413905",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413905"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2589",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2589"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2589",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2589"
        }
      ],
      "release_date": "2017-07-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "hawtio: Proxy is sharing cookies among all the clients"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Hooman Broujerdi"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2594",
      "cwe": {
        "id": "CWE-209",
        "name": "Generation of Error Message Containing Sensitive Information"
      },
      "discovery_date": "2017-01-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1415543"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that a path traversal vulnerability in hawtio leads to a NullPointerException with a full stacktrace. An attacker could use this flaw to gather undisclosed information from within hawtio\u0027s root.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hawtio: information Disclosure flaws due to unsafe path traversal",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2594"
        },
        {
          "category": "external",
          "summary": "RHBZ#1415543",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415543"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2594",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2594"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2594",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2594"
        }
      ],
      "release_date": "2017-01-23T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "hawtio: information Disclosure flaws due to unsafe path traversal"
    },
    {
      "cve": "CVE-2017-3156",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-02-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1425455"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache CXF OAuth2 Hawk and JOSE MAC Validation code is not using a constant time MAC signature comparison algorithm which may be exploited by some sophisticated timing attacks. It may only affect OAuth2 Hawk or JWT access tokens or JOSE JWS/JWE interceptors which depend on HMAC secret key algorithms.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "RHBZ#1425455",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425455"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-3156",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3156",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3156"
        },
        {
          "category": "external",
          "summary": "https://cxf.apache.org/security-advisories.data/CVE-2017-3156.txt.asc",
          "url": "https://cxf.apache.org/security-advisories.data/CVE-2017-3156.txt.asc"
        }
      ],
      "release_date": "2017-02-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF OAuth2 Hawk and JOSE MAC Validation code are vulnerable to timing attacks"
    },
    {
      "cve": "CVE-2017-5643",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "discovery_date": "2017-03-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1433374"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that Apache Camel\u0027s validation component evaluates DTD headers of XML stream sources, although a validation against XML schemas (XSD) is executed. Remote attackers can use this feature to make Server-Side Request Forgery (SSRF) attacks by sending XML documents with remote DTDs URLs or XML External Entities (XXE). The vulnerability is not given for SAX or StAX sources.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "camel-core: Validation component vulnerable to SSRF via remote DTDs and XXE",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "RHBZ#1433374",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1433374"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5643",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5643",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5643"
        },
        {
          "category": "external",
          "summary": "https://camel.apache.org/security-advisories.data/CVE-2017-5643.txt",
          "url": "https://camel.apache.org/security-advisories.data/CVE-2017-5643.txt"
        }
      ],
      "release_date": "2017-02-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "camel-core: Validation component vulnerable to SSRF via remote DTDs and XXE"
    },
    {
      "cve": "CVE-2017-5653",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445327"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that a flaw exists in JAX-RS clients using the streaming approach for XML signatures and encryption, where it does not enforce the message to be signed/encrypted. This could allow an attacker to subvert the integrity of the message.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445327",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445327"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5653",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5653",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5653"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5653.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5653.txt.asc"
        }
      ],
      "release_date": "2017-03-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted"
    },
    {
      "cve": "CVE-2017-5656",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445329"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445329",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5656",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc"
        }
      ],
      "release_date": "2017-04-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens"
    },
    {
      "cve": "CVE-2017-5929",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-03-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1432858"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to execute arbitrary code through deserialization of custom gadget chains.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5929"
        },
        {
          "category": "external",
          "summary": "RHBZ#1432858",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432858"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5929",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5929"
        }
      ],
      "release_date": "2017-02-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "logback: Serialization vulnerability in SocketServer and ServerSocketReceiver"
    },
    {
      "cve": "CVE-2017-7957",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-04-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441538"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that XStream contains a vulnerability that allows a maliciously crafted file to be parsed successfully which could cause an application crash. The crash occurs if the file that is being fed into XStream input stream contains an instances of the primitive type \u0027void\u0027. An attacker could use this flaw to create a denial of service on the target system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "XStream: DoS when unmarshalling void type",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441538",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441538"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7957",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7957"
        },
        {
          "category": "external",
          "summary": "http://x-stream.github.io/CVE-2017-7957.html",
          "url": "http://x-stream.github.io/CVE-2017-7957.html"
        }
      ],
      "release_date": "2017-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-10T23:03:00+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nYou can find installation instructions in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1832"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "XStream: DoS when unmarshalling void type"
    }
  ]
}

RHSA-2018_1694

Vulnerability from csaf_redhat - Published: 2018-05-22 16:52 - Updated: 2024-11-14 23:43

Summary

Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update

Notes

Topic

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform. This release of RHOAR WildFly Swarm 7.1.0 serves as a replacement for RHOAR WildFly Swarm 7.0.1, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Security Fix(es): * cxf: CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens (CVE-2017-5656) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Openshift Application Runtimes provides an application platform\nthat reduces the complexity of developing and operating applications\n(monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR WildFly Swarm 7.1.0 serves as a replacement for RHOAR\nWildFly Swarm 7.0.1, and includes bug fixes and enhancements. For further\ninformation, refer to the Release Notes linked to in the References\nsection.\n\nSecurity Fix(es):\n\n* cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens (CVE-2017-5656)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1694",
        "url": "https://access.redhat.com/errata/RHSA-2018:1694"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=catRhoar.wildFly.swarm\u0026downloadType=distributions\u0026version=7.1.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=catRhoar.wildFly.swarm\u0026downloadType=distributions\u0026version=7.1.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/"
      },
      {
        "category": "external",
        "summary": "1445329",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1694.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-14T23:43:08+00:00",
      "generator": {
        "date": "2024-11-14T23:43:08+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1694",
      "initial_release_date": "2018-05-22T16:52:37+00:00",
      "revision_history": [
        {
          "date": "2018-05-22T16:52:37+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-22T16:52:37+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-14T23:43:08+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Openshift Application Runtimes",
                "product": {
                  "name": "Red Hat Openshift Application Runtimes",
                  "product_id": "Red Hat Openshift Application Runtimes",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Application Runtimes"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5656",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445329"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Openshift Application Runtimes"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445329",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5656",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc"
        }
      ],
      "release_date": "2017-04-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-22T16:52:37+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat Openshift Application Runtimes"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1694"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Openshift Application Runtimes"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens"
    }
  ]
}

RHSA-2018:1694

Vulnerability from csaf_redhat - Published: 2018-05-22 16:52 - Updated: 2025-11-21 18:05

Summary

Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Application Runtimes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Openshift Application Runtimes provides an application platform\nthat reduces the complexity of developing and operating applications\n(monoliths and microservices) for OpenShift as a containerized platform.\n\nThis release of RHOAR WildFly Swarm 7.1.0 serves as a replacement for RHOAR\nWildFly Swarm 7.0.1, and includes bug fixes and enhancements. For further\ninformation, refer to the Release Notes linked to in the References\nsection.\n\nSecurity Fix(es):\n\n* cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens (CVE-2017-5656)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1694",
        "url": "https://access.redhat.com/errata/RHSA-2018:1694"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=catRhoar.wildFly.swarm\u0026downloadType=distributions\u0026version=7.1.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=catRhoar.wildFly.swarm\u0026downloadType=distributions\u0026version=7.1.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_application_runtimes/1/html-single/red_hat_openshift_application_runtimes_release_notes/"
      },
      {
        "category": "external",
        "summary": "1445329",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1694.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T18:05:02+00:00",
      "generator": {
        "date": "2025-11-21T18:05:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:1694",
      "initial_release_date": "2018-05-22T16:52:37+00:00",
      "revision_history": [
        {
          "date": "2018-05-22T16:52:37+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-22T16:52:37+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T18:05:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Openshift Application Runtimes",
                "product": {
                  "name": "Red Hat Openshift Application Runtimes",
                  "product_id": "Red Hat Openshift Application Runtimes",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Application Runtimes"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5656",
      "discovery_date": "2017-04-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1445329"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the token cacher in Apache cxf uses a flawed way of caching tokens that are associated with the delegation token received from Security Token Service (STS). This vulnerability could allow an attacker to craft a token which could return an identifier corresponding to a cached token for another user.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Openshift Application Runtimes"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "RHBZ#1445329",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445329"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5656",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656"
        },
        {
          "category": "external",
          "summary": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc",
          "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc"
        }
      ],
      "release_date": "2017-04-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-22T16:52:37+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat Openshift Application Runtimes"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1694"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Openshift Application Runtimes"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "cxf: CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens"
    }
  ]
}

FKIE_CVE-2017-5656

Vulnerability from fkie_nvd - Published: 2017-04-18 16:59 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
security@apache.org	http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113282&api=v2	Patch, Vendor Advisory
security@apache.org	http://www.securityfocus.com/bid/97971	Third Party Advisory, VDB Entry
security@apache.org	http://www.securitytracker.com/id/1038282	Third Party Advisory, VDB Entry
security@apache.org	https://access.redhat.com/errata/RHSA-2017:1832	Issue Tracking
security@apache.org	https://access.redhat.com/errata/RHSA-2018:1694	Issue Tracking
security@apache.org	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113282&api=v2	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/97971	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1038282	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2017:1832	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:1694	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E

Impacted products

	Vendor	Product	Version
	apache	cxf	*
	apache	cxf	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CFCEBB-523C-4B09-BCAE-B599B4A76CD3",
              "versionEndExcluding": "3.0.13",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFF69A48-16BE-48B6-A19A-8904850911D3",
              "versionEndExcluding": "3.1.11",
              "versionStartIncluding": "3.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user."
    },
    {
      "lang": "es",
      "value": "Apache CXF\u0027s STSClient en versiones anteriores a 3.1.11 y 3.0.13 utiliza un modo defectuoso de los tokens de cach\u00e9 que est\u00e1n asociados al los tokens de delegaci\u00f3n, lo que significa que el atacante puede modificar el token el cual puede devolver el identificador correspondiente al token de cacheo a otro usuario."
    }
  ],
  "id": "CVE-2017-5656",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-04-18T16:59:00.197",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97971"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038282"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1832"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1694"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/97971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1038282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2017:1832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1694"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-384"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CNVD-2017-05980

Vulnerability from cnvd - Published: 2017-05-05

Title

Apache CXF信息泄露漏洞

Description

Apache CXF是美国阿帕奇（Apache）软件基金会的一个开源的Web服务框架。该框架支持多种Web服务标准、多种前端编程API等。 Apache CXF 3.1.11之前的版本和3.0.13之前的版本中的STSClient存在安全漏洞。攻击者可通过制作令牌利用该漏洞获取与缓存令牌一致的标示符。

Severity

中

Patch Name

Apache CXF信息泄露漏洞的补丁

Patch Description

Apache CXF是美国阿帕奇（Apache）软件基金会的一个开源的Web服务框架。该框架支持多种Web服务标准、多种前端编程API等。 Apache CXF 3.1.11之前的版本和3.0.13之前的版本中的STSClient存在安全漏洞。攻击者可通过制作令牌利用该漏洞获取与缓存令牌一致的标示符。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113282&api=v2

Reference

http://www.securityfocus.com/bid/97971

Impacted products

Name
Apache CXF's STSClient <3.1.11，<3.0.13

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "97971"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5656",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5656"
    }
  },
  "description": "Apache CXF\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5f00\u6e90\u7684Web\u670d\u52a1\u6846\u67b6\u3002\u8be5\u6846\u67b6\u652f\u6301\u591a\u79cdWeb\u670d\u52a1\u6807\u51c6\u3001\u591a\u79cd\u524d\u7aef\u7f16\u7a0bAPI\u7b49\u3002\r\n\r\nApache CXF 3.1.11\u4e4b\u524d\u7684\u7248\u672c\u548c3.0.13\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684STSClient\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5236\u4f5c\u4ee4\u724c\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u4e0e\u7f13\u5b58\u4ee4\u724c\u4e00\u81f4\u7684\u6807\u793a\u7b26\u3002",
  "discovererName": "Apache",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-05980",
  "openTime": "2017-05-05",
  "patchDescription": "Apache CXF\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u5f00\u6e90\u7684Web\u670d\u52a1\u6846\u67b6\u3002\u8be5\u6846\u67b6\u652f\u6301\u591a\u79cdWeb\u670d\u52a1\u6807\u51c6\u3001\u591a\u79cd\u524d\u7aef\u7f16\u7a0bAPI\u7b49\u3002\r\n\r\nApache CXF 3.1.11\u4e4b\u524d\u7684\u7248\u672c\u548c3.0.13\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684STSClient\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5236\u4f5c\u4ee4\u724c\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u4e0e\u7f13\u5b58\u4ee4\u724c\u4e00\u81f4\u7684\u6807\u793a\u7b26\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache CXF\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache CXF\u0027s STSClient \u003c3.1.11\uff0c\u003c3.0.13"
  },
  "referenceLink": "http://www.securityfocus.com/bid/97971",
  "serverity": "\u4e2d",
  "submitTime": "2017-04-20",
  "title": "Apache CXF\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

GSD-2017-5656

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-5656

Aliases

CVE-2017-5656

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-5656",
    "description": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.",
    "id": "GSD-2017-5656",
    "references": [
      "https://access.redhat.com/errata/RHSA-2018:1694",
      "https://access.redhat.com/errata/RHSA-2017:1832"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5656"
      ],
      "details": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.",
      "id": "GSD-2017-5656",
      "modified": "2023-12-13T01:21:14.135764Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2017-5656",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache CXF",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "3.1.x before 3.1.11"
                        },
                        {
                          "version_value": "versions before 3.0.13"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Apache CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens."
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2017:1832",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1832"
          },
          {
            "name": "1038282",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038282"
          },
          {
            "name": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2",
            "refsource": "CONFIRM",
            "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2"
          },
          {
            "name": "97971",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/97971"
          },
          {
            "name": "RHSA-2018:1694",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:1694"
          },
          {
            "name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
          },
          {
            "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,3.0.12],[3.1.0,3.1.10]",
          "affected_versions": "All versions up to 3.0.12, all versions starting from 3.1.0 up to 3.1.10",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-384",
            "CWE-937"
          ],
          "date": "2022-07-01",
          "description": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.",
          "fixed_versions": [
            "3.0.13",
            "3.1.11"
          ],
          "identifier": "CVE-2017-5656",
          "identifiers": [
            "GHSA-v936-x3j5-c76j",
            "CVE-2017-5656"
          ],
          "not_impacted": "All versions after 3.0.12 before 3.1.0, all versions after 3.1.10",
          "package_slug": "maven/org.apache.cxf/cxf-core",
          "pubdate": "2022-05-13",
          "solution": "Upgrade to versions 3.0.13, 3.1.11 or above.",
          "title": "Session Fixation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
            "https://access.redhat.com/errata/RHSA-2017:1832",
            "https://access.redhat.com/errata/RHSA-2018:1694",
            "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E",
            "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E",
            "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E",
            "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E",
            "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E",
            "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E",
            "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2",
            "http://www.securityfocus.com/bid/97971",
            "http://www.securitytracker.com/id/1038282",
            "https://github.com/advisories/GHSA-v936-x3j5-c76j"
          ],
          "uuid": "98ed1e02-ee8b-437a-9ae9-b33d0e3114e7"
        },
        {
          "affected_range": "[3.0.0,3.0.13),[3.1.0,3.1.11)",
          "affected_versions": "All versions starting from 3.0.0 before 3.0.13, all versions starting from 3.1.0 before 3.1.11",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-384",
            "CWE-937"
          ],
          "date": "2020-01-16",
          "description": "Apache CXF\u0027s STSClient uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.",
          "fixed_versions": [
            "3.0.13",
            "3.1.11"
          ],
          "identifier": "CVE-2017-5656",
          "identifiers": [
            "CVE-2017-5656"
          ],
          "not_impacted": "All versions before 3.0.0, all versions starting from 3.0.13 before 3.1.0, all versions starting from 3.1.11",
          "package_slug": "maven/org.apache.cxf/cxf-rt-ws-security",
          "pubdate": "2017-04-18",
          "solution": "Upgrade to versions 3.0.13, 3.1.11 or above.",
          "title": "Session Fixation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5656",
            "http://www.securityfocus.com/bid/97971",
            "http://www.securitytracker.com/id/1038282",
            "https://access.redhat.com/errata/RHSA-2017:1832",
            "https://access.redhat.com/errata/RHSA-2018:1694"
          ],
          "uuid": "370481fc-c6db-482a-bed2-8e7f89b64877"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.11",
                "versionStartIncluding": "3.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.0.13",
                "versionStartIncluding": "3.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-5656"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-384"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2"
            },
            {
              "name": "97971",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/97971"
            },
            {
              "name": "1038282",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1038282"
            },
            {
              "name": "RHSA-2017:1832",
              "refsource": "REDHAT",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2017:1832"
            },
            {
              "name": "RHSA-2018:1694",
              "refsource": "REDHAT",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:1694"
            },
            {
              "name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
            },
            {
              "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-06-16T12:15Z",
      "publishedDate": "2017-04-18T16:59Z"
    }
  }
}

GHSA-V936-X3J5-C76J

Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2023-12-21 23:06

Summary

Session Fixation in Apache CXF

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.1.10"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cxf:cxf-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "3.1.0"
            },
            {
              "fixed": "3.1.11"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 3.0.12"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.cxf:cxf-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.0.13"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-5656"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-384"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-01T11:58:52Z",
    "nvd_published_at": "2017-04-18T16:59:00Z",
    "severity": "HIGH"
  },
  "details": "Apache CXF\u0027s STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.",
  "id": "GHSA-v936-x3j5-c76j",
  "modified": "2023-12-21T23:06:30Z",
  "published": "2022-05-13T01:09:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5656"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/cxf/commit/1a4fe22fc297f8be204788bcdfcd498e91201a01"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1832"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1694"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/cxf"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1\u0026modificationDate=1492515113282\u0026api=v2"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/97971"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1038282"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Session Fixation in Apache CXF"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-5656 (GCVE-0-2017-5656)

Tags

Sightings

Nomenclature