cvelistv5 - cve-2017-7503

cve-2017-7503

Vulnerability from cvelistv5

Published

2017-05-18 15:00

Modified

2024-08-05 16:04

Severity ?

Summary

It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.

References

URL	Tags
secalert@redhat.com	http://www.securityfocus.com/bid/98546	Third Party Advisory, VDB Entry
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1451960	Issue Tracking, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/98546	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1451960	Issue Tracking, Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

Red Hat, Inc.

JBoss Enterprise Application Platform

Version: 7.0.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:11.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "98546",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98546"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "JBoss Enterprise Application Platform",
          "vendor": "Red Hat, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.5"
            }
          ]
        }
      ],
      "datePublic": "2017-05-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-05-24T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "98546",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98546"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-7503",
    "datePublished": "2017-05-18T15:00:00",
    "dateReserved": "2017-04-05T00:00:00",
    "dateUpdated": "2024-08-05T16:04:11.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC9E9FC7-E7CF-450F-8129-98048C32254D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 que la implementaci\\u00f3n de la funci\\u00f3n javax.xml.transform.TransformerFactory en EAP versi\\u00f3n 7.0.5 de Red Hat JBoss, es vulnerable a un ataque de tipo XXE. Un atacante podr\\u00eda usar esta fallo para activar ataques de tipo DoS o SSRF, o leer archivos del servidor donde se implementa EAP.\"}]",
      "id": "CVE-2017-7503",
      "lastModified": "2024-11-21T03:32:01.823",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-05-18T15:29:00.173",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/98546\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/98546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-611\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-7503\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2017-05-18T15:29:00.173\",\"lastModified\":\"2024-11-21T03:32:01.823\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 que la implementaci\u00f3n de la funci\u00f3n javax.xml.transform.TransformerFactory en EAP versi\u00f3n 7.0.5 de Red Hat JBoss, es vulnerable a un ataque de tipo XXE. Un atacante podr\u00eda usar esta fallo para activar ataques de tipo DoS o SSRF, o leer archivos del servidor donde se implementa EAP.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC9E9FC7-E7CF-450F-8129-98048C32254D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98546\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/98546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

ghsa-2f38-5w6m-7c6f

Vulnerability from github

Published

2022-05-17 02:43

Modified

2022-05-17 02:43

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-7503"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-611"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-05-18T15:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
  "id": "GHSA-2f38-5w6m-7c6f",
  "modified": "2022-05-17T02:43:12Z",
  "published": "2022-05-17T02:43:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/98546"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

rhsa-2020_2563

Vulnerability from csaf_redhat

Published

2020-06-15 16:16

Modified

2024-11-22 15:10

Summary

Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update

Notes

Topic

This is a security update for JBoss EAP Continuous Delivery 14.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. Security Fix(es): * XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465) * XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE  (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:2563",
        "url": "https://access.redhat.com/errata/RHSA-2020:2563"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
      },
      {
        "category": "external",
        "summary": "1439980",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
      },
      {
        "category": "external",
        "summary": "1451960",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
      }
    ],
    "title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
    "tracking": {
      "current_release_date": "2024-11-22T15:10:53+00:00",
      "generator": {
        "date": "2024-11-22T15:10:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2020:2563",
      "initial_release_date": "2020-06-15T16:16:39+00:00",
      "revision_history": [
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T15:10:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "EAP-CD 14 Tech Preview",
                "product": {
                  "name": "EAP-CD 14 Tech Preview",
                  "product_id": "EAP-CD 14 Tech Preview",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7465",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2017-04-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1439980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "RHBZ#1439980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
        }
      ],
      "release_date": "2017-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat Product Security",
          "summary": "This issue was discovered by Red Hat."
        },
        {
          "names": [
            "Katerina Novotna"
          ],
          "organization": "Red Hat Quality Engineering",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7503",
      "discovery_date": "2017-05-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1451960"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "EAP: XXE issue in TransformerFactory",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "RHBZ#1451960",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
        }
      ],
      "release_date": "2017-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "EAP: XXE issue in TransformerFactory"
    }
  ]
}

rhsa-2020:2563

Vulnerability from csaf_redhat

Published

2020-06-15 16:16

Modified

2024-11-22 15:10

Summary

Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE  (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:2563",
        "url": "https://access.redhat.com/errata/RHSA-2020:2563"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
      },
      {
        "category": "external",
        "summary": "1439980",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
      },
      {
        "category": "external",
        "summary": "1451960",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
      }
    ],
    "title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
    "tracking": {
      "current_release_date": "2024-11-22T15:10:53+00:00",
      "generator": {
        "date": "2024-11-22T15:10:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2020:2563",
      "initial_release_date": "2020-06-15T16:16:39+00:00",
      "revision_history": [
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T15:10:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "EAP-CD 14 Tech Preview",
                "product": {
                  "name": "EAP-CD 14 Tech Preview",
                  "product_id": "EAP-CD 14 Tech Preview",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7465",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2017-04-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1439980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "RHBZ#1439980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
        }
      ],
      "release_date": "2017-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat Product Security",
          "summary": "This issue was discovered by Red Hat."
        },
        {
          "names": [
            "Katerina Novotna"
          ],
          "organization": "Red Hat Quality Engineering",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7503",
      "discovery_date": "2017-05-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1451960"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "EAP: XXE issue in TransformerFactory",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "RHBZ#1451960",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
        }
      ],
      "release_date": "2017-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "EAP: XXE issue in TransformerFactory"
    }
  ]
}

RHSA-2020:2563

Vulnerability from csaf_redhat

Published

2020-06-15 16:16

Modified

2024-11-22 15:10

Summary

Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE  (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:2563",
        "url": "https://access.redhat.com/errata/RHSA-2020:2563"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
      },
      {
        "category": "external",
        "summary": "1439980",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
      },
      {
        "category": "external",
        "summary": "1451960",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
      }
    ],
    "title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
    "tracking": {
      "current_release_date": "2024-11-22T15:10:53+00:00",
      "generator": {
        "date": "2024-11-22T15:10:53+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2020:2563",
      "initial_release_date": "2020-06-15T16:16:39+00:00",
      "revision_history": [
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-06-15T16:16:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T15:10:53+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "EAP-CD 14 Tech Preview",
                "product": {
                  "name": "EAP-CD 14 Tech Preview",
                  "product_id": "EAP-CD 14 Tech Preview",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7465",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "discovery_date": "2017-04-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1439980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "RHBZ#1439980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
        }
      ],
      "release_date": "2017-04-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jason Shepherd"
          ],
          "organization": "Red Hat Product Security",
          "summary": "This issue was discovered by Red Hat."
        },
        {
          "names": [
            "Katerina Novotna"
          ],
          "organization": "Red Hat Quality Engineering",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7503",
      "discovery_date": "2017-05-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1451960"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "EAP: XXE issue in TransformerFactory",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "EAP-CD 14 Tech Preview"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "RHBZ#1451960",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
        }
      ],
      "release_date": "2017-05-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-06-15T16:16:39+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:2563"
        },
        {
          "category": "workaround",
          "details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
          "product_ids": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "EAP-CD 14 Tech Preview"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "EAP: XXE issue in TransformerFactory"
    }
  ]
}

cve-2017-7503

Vulnerability from fkie_nvd

Published

2017-05-18 15:29

Modified

2024-11-21 03:32

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://www.securityfocus.com/bid/98546	Third Party Advisory, VDB Entry
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1451960	Issue Tracking, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/98546	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1451960	Issue Tracking, Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	redhat	jboss_enterprise_application_platform	7.0.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9E9FC7-E7CF-450F-8129-98048C32254D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 que la implementaci\u00f3n de la funci\u00f3n javax.xml.transform.TransformerFactory en EAP versi\u00f3n 7.0.5 de Red Hat JBoss, es vulnerable a un ataque de tipo XXE. Un atacante podr\u00eda usar esta fallo para activar ataques de tipo DoS o SSRF, o leer archivos del servidor donde se implementa EAP."
    }
  ],
  "id": "CVE-2017-7503",
  "lastModified": "2024-11-21T03:32:01.823",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-05-18T15:29:00.173",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98546"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2017-7503

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-7503

Aliases

CVE-2017-7503

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-7503",
    "description": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
    "id": "GSD-2017-7503",
    "references": [
      "https://access.redhat.com/errata/RHSA-2020:2563"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-7503"
      ],
      "details": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
      "id": "GSD-2017-7503",
      "modified": "2023-12-13T01:21:06.545641Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2017-7503",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "JBoss Enterprise Application Platform",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "7.0.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Red Hat, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.securityfocus.com/bid/98546",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/98546"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2017-7503"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-611"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
            },
            {
              "name": "98546",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/98546"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-05-31T18:13Z",
      "publishedDate": "2017-05-18T15:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2017-7503

Vulnerability from cvelistv5

ghsa-2f38-5w6m-7c6f

Vulnerability from github

rhsa-2020_2563

Vulnerability from csaf_redhat

rhsa-2020:2563

Vulnerability from csaf_redhat

RHSA-2020:2563

Vulnerability from csaf_redhat

cve-2017-7503

Vulnerability from fkie_nvd

gsd-2017-7503

Vulnerability from gsd

Tags

Sightings

Nomenclature