Action not permitted
Modal body text goes here.
cve-2017-7657
Vulnerability from cvelistv5
Published
2018-06-26 16:00
Modified
2024-08-05 16:12
Severity ?
EPSS score ?
Summary
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
References
Impacted products
▼ | Vendor | Product |
---|---|---|
The Eclipse Foundation | Eclipse Jetty |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:12:27.850Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-4278", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2018/dsa-4278" }, { "name": "1041194", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1041194" }, { "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2019:0910", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E" }, { "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20181014-0001/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "name": "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Eclipse Jetty", "vendor": "The Eclipse Foundation", "versions": [ { "lessThanOrEqual": "9.2.0", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "unspecified", "status": "affected", "version": "9.3.0", "versionType": "custom" }, { "lessThan": "9.3.24", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThan": "unspecified", "status": "affected", "version": "9.4.0", "versionType": "custom" }, { "lessThan": "9.4.11", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2018-06-07T00:00:00", "descriptions": [ { "lang": "en", "value": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-20T22:53:08", "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse" }, "references": [ { "name": "DSA-4278", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2018/dsa-4278" }, { "name": "1041194", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1041194" }, { "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2019:0910", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E" }, { "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20181014-0001/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "name": "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@eclipse.org", "ID": "CVE-2017-7657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Eclipse Jetty", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "9.2.0" }, { "version_affected": "\u003e=", "version_value": "9.3.0" }, { "version_affected": "\u003c", "version_value": "9.3.24" }, { "version_affected": "\u003e=", "version_value": "9.4.0" }, { "version_affected": "\u003c", "version_value": "9.4.11" } ] } } ] }, "vendor_name": "The Eclipse Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-4278", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4278" }, { "name": "1041194", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041194" }, { "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2019:0910", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E" }, { "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20181014-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20181014-0001/" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", "refsource": "CONFIRM", "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "name": "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "assignerShortName": "eclipse", "cveId": "CVE-2017-7657", "datePublished": "2018-06-26T16:00:00", "dateReserved": "2017-04-11T00:00:00", "dateUpdated": "2024-08-05T16:12:27.850Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-7657\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2018-06-26T16:29:00.257\",\"lastModified\":\"2023-11-07T02:50:13.663\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.\"},{\"lang\":\"es\",\"value\":\"En Eclipse Jetty, en versiones 9.2.x y anteriores, versiones 9.3.x (todas las configuraciones) y versiones 9.4.x (configuraci\u00f3n personalizada con el cumplimiento RFC2616 habilitado), los fragmentos transfer-encoding se gestionan de forma incorrecta. El an\u00e1lisis de longitud de fragmento era vulnerable a un desbordamiento de enteros. As\u00ed, podr\u00eda interpretarse un tama\u00f1o de fragmento grande como un tama\u00f1o menor y el contenido enviado como cuerpo del fragmento podr\u00eda interpretarse como una petici\u00f3n pipelined. Si Jetty se despliega tras un intermediario que impon\u00eda autorizaci\u00f3n y el intermediario permit\u00eda que se pasasen o no se cambiasen grandes fragmentos arbitrarios, este error podr\u00eda emplearse para omitir la autorizaci\u00f3n impuesta por el intermediario, ya que la petici\u00f3n pipelined falsa no ser\u00eda interpretada por el intermediario como una petici\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.2.26\",\"matchCriteriaId\":\"486E784F-1FC5-42AA-B144-EDBE5FE9B993\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.3.0\",\"versionEndExcluding\":\"9.3.24\",\"matchCriteriaId\":\"C513260A-7AD7-44C2-97F0-167B5819475E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.4.0\",\"versionEndExcluding\":\"9.4.11\",\"matchCriteriaId\":\"5A720480-0A8A-48FE-85FE-6973DAB7A7D5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF77086-43C1-44DB-A574-61A9A3DD1220\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndIncluding\":\"11.50.1\",\"matchCriteriaId\":\"F5F95A41-A496-481C-A906-E0307AC1EA63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"680ECEAE-D73F-47D2-8AF8-7704469CF3EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E902EEC6-9A41-4FBC-8D81-891DF846A5CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"855D6A52-F96F-4CA0-A59C-4D42173F22E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_system_manager:3.x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BE20EF7-C8A3-4C2A-BE0C-C26452830C31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.2.4\",\"matchCriteriaId\":\"97547862-C382-4F46-B393-481D40E924E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB15BCF1-1B1D-49D8-9B76-46DCB10044DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snap_creator_framework:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.3.3\",\"matchCriteriaId\":\"9E234481-81F5-42D7-A4EC-F71245268D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1p3\",\"matchCriteriaId\":\"33862093-55AD-46CE-97F5-0A00A62766FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"41436638-0B88-4823-8208-81C01F2CA6A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*\",\"versionEndExcluding\":\"3.4.2\",\"matchCriteriaId\":\"910F5303-1F70-44E3-A951-567447BC46FF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.4.0-00\",\"versionEndExcluding\":\"8.6.2-00\",\"matchCriteriaId\":\"92C306B7-185C-4CC4-8DEF-4C57B61C49AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:hp:xp_p9000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CC9BC28-72E9-4D53-B388-6A8AB7CFD22E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"36FC547E-861A-418C-A314-DA09A457B13A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"DF9FEE51-50E3-41E9-AA0D-272A640F85CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"E69E905F-2E1A-4462-9082-FF7B10474496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"0F9B692C-8986-4F91-9EF4-2BB1E3B5C133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0ED83E3-E6BF-4EAA-AF8F-33485A88A218\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11DA6839-849D-4CEF-85F3-38FE75E07183\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCE78490-A4BE-40BD-8C72-0A4526BBD4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55AE3629-4A66-49E4-A33D-6D81CC94962F\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1041194\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0910\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20181014-0001/\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4278\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com//security-alerts/cpujul2021.html\",\"source\":\"emo@eclipse.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
gsd-2017-7657
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2017-7657", "description": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "id": "GSD-2017-7657", "references": [ "https://www.debian.org/security/2018/dsa-4278", "https://access.redhat.com/errata/RHSA-2019:0910" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2017-7657" ], "details": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "id": "GSD-2017-7657", "modified": "2023-12-13T01:21:06.423442Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@eclipse.org", "ID": "CVE-2017-7657", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Eclipse Jetty", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "9.2.0" }, { "version_affected": "\u003e=", "version_value": "9.3.0" }, { "version_affected": "\u003c", "version_value": "9.3.24" }, { "version_affected": "\u003e=", "version_value": "9.4.0" }, { "version_affected": "\u003c", "version_value": "9.4.11" } ] } } ] }, "vendor_name": "The Eclipse Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-4278", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2018/dsa-4278" }, { "name": "1041194", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041194" }, { "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "name": "RHSA-2019:0910", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E" }, { "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://security.netapp.com/advisory/ntap-20181014-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20181014-0001/" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", "refsource": "CONFIRM", "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "name": "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "(,9.2.26],[9.3.0,9.3.24),[9.4.0,9.4.11)", "affected_versions": "All versions up to 9.2.26, all versions starting from 9.3.0 before 9.3.24, all versions starting from 9.4.0 before 9.4.11", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-190", "CWE-444", "CWE-937" ], "date": "2019-08-21", "description": "Transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. A large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "fixed_versions": [ "9.2.26.v20180806", "9.3.24.v20180605", "9.4.11.v20180605" ], "identifier": "CVE-2017-7657", "identifiers": [ "CVE-2017-7657" ], "not_impacted": "All versions after 9.2.26 before 9.3.0, all versions starting from 9.3.24 before 9.4.0, all versions starting from 9.4.11", "package_slug": "maven/org.eclipse.jetty/jetty-client", "pubdate": "2018-06-26", "solution": "Upgrade to versions 9.2.26.v20180806, 9.3.24.v20180605, 9.4.11.v20180605 or above.", "title": "Integer Overflow or Wraparound", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2017-7657", "http://www.securitytracker.com/id/1041194" ], "uuid": "c19fe50b-632c-43bd-8d8e-689713809b46" }, { "affected_range": "(,9.2.25.v20180105],[9.3.0,9.3.23.v20180228]", "affected_versions": "All versions up to 9.2.25.v20180105, all versions starting from 9.3.0 up to 9.3.23.v20180228", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-190", "CWE-444", "CWE-707", "CWE-937" ], "date": "2021-06-10", "description": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "fixed_versions": [ "9.2.25.v20180606", "9.3.24.v20180605" ], "identifier": "CVE-2017-7657", "identifiers": [ "GHSA-vgg8-72f2-qm23", "CVE-2017-7657" ], "not_impacted": "All versions after 9.2.25.v20180105 before 9.3.0, all versions after 9.3.23.v20180228", "package_slug": "maven/org.eclipse.jetty/jetty-server", "pubdate": "2018-10-19", "solution": "Upgrade to versions 9.2.25.v20180606, 9.3.24.v20180605 or above.", "title": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2017-7657", "https://access.redhat.com/errata/RHSA-2019:0910", "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", "https://github.com/advisories/GHSA-vgg8-72f2-qm23", "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E", "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E", "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E", "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E", "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E", "https://security.netapp.com/advisory/ntap-20181014-0001/", "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us", "https://www.debian.org/security/2018/dsa-4278", "https://www.oracle.com/security-alerts/cpuoct2020.html", "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "http://www.securitytracker.com/id/1041194" ], "uuid": "94e2b5e0-a91c-4ad4-b112-29ee0679ae4e" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.3.24", "versionStartIncluding": "9.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "9.4.11", "versionStartIncluding": "9.4.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "9.2.26", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "11.50.1", "versionStartIncluding": "11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.2.4", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snap_creator_framework:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.3.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.1p3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*", "cpe_name": [], "versionEndExcluding": "3.4.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*", "cpe_name": [], "versionEndExcluding": "3.4.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:oncommand_system_manager:3.x:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*", "cpe_name": [], "versionEndExcluding": "8.6.2-00", "versionStartIncluding": "8.4.0-00", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:hp:xp_p9000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@eclipse.org", "ID": "CVE-2017-7657" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-190" }, { "lang": "en", "value": "CWE-444" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "name": "1041194", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1041194" }, { "name": "DSA-4278", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2018/dsa-4278" }, { "name": "https://security.netapp.com/advisory/ntap-20181014-0001/", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20181014-0001/" }, { "name": "RHSA-2019:0910", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" }, { "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { "name": "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", "refsource": "MLIST", "tags": [], "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E" }, { "name": "N/A", "refsource": "N/A", "tags": [], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2021-07-20T23:15Z", "publishedDate": "2018-06-26T16:29Z" } } }
rhsa-2020_3779
Vulnerability from csaf_redhat
Published
2020-09-17 13:07
Modified
2024-11-05 22:42
Summary
Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update
Notes
Topic
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.
This release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.
Security Fix(es):
* jetty: Incorrect header handling (CVE-2017-7658)
* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)
* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)
* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)
* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)
* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)
* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)
* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)
* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)
* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)
* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)
* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)
* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)
* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)
* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)
* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)
* jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)
* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)
* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)
* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for Red Hat Data Grid is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.7 serves as a replacement for Red Hat Data Grid 7.3.6 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* jetty: Incorrect header handling (CVE-2017-7658)\n\n* EAP: field-name is not parsed in accordance to RFC7230 (CVE-2020-1710)\n\n* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)\n\n* undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass (CVE-2020-1757)\n\n* jackson-databind: Lacks certain xbean-reflect/JNDI blocking (CVE-2020-8840)\n\n* jackson-databind: Serialization gadgets in shaded-hikari-config (CVE-2020-9546)\n\n* jackson-databind: Serialization gadgets in ibatis-sqlmap (CVE-2020-9547)\n\n* jackson-databind: Serialization gadgets in anteros-core (CVE-2020-9548)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10672)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution (CVE-2020-10673)\n\n* jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider (CVE-2020-10968)\n\n* jackson-databind: Serialization gadgets in javax.swing.JEditorPane (CVE-2020-10969)\n\n* jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory (CVE-2020-11111)\n\n* jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider (CVE-2020-11112)\n\n* jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime (CVE-2020-11113)\n\n* jackson-databind: Serialization gadgets in org.springframework:spring-aop (CVE-2020-11619)\n\n* jackson-databind: Serialization gadgets in commons-jelly:commons-jelly (CVE-2020-11620)\n\n* jackson-mapper-asl: XML external entity similar to CVE-2016-3720 (CVE-2019-10172)\n\n* resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class (CVE-2020-1695)\n\n* Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain (CVE-2020-1719)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n* log4j: improper validation of certificate with host mismatch in SMTP appender (CVE-2020-9488)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:3779", "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=securityPatches\u0026version=7.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=data.grid\u0026downloadType=securityPatches\u0026version=7.3" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html/red_hat_data_grid_7.3_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html/red_hat_data_grid_7.3_release_notes/index" }, { "category": "external", "summary": "1595621", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595621" }, { "category": "external", "summary": "1715075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075" }, { "category": "external", "summary": "1730462", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462" }, { "category": "external", "summary": "1752770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752770" }, { "category": "external", "summary": "1793970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970" }, { "category": "external", "summary": "1796617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617" }, { "category": "external", "summary": "1807305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807305" }, { "category": "external", "summary": "1807707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707" }, { "category": "external", "summary": "1815470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470" }, { "category": "external", "summary": "1815495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495" }, { "category": "external", "summary": "1816216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216" }, { "category": "external", "summary": "1816330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330" }, { "category": "external", "summary": "1816332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332" }, { "category": "external", "summary": "1816337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337" }, { "category": "external", "summary": "1816340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340" }, { "category": "external", "summary": "1819208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819208" }, { "category": "external", "summary": "1819212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819212" }, { "category": "external", "summary": "1821304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821304" }, { "category": "external", "summary": "1821311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821311" }, { "category": "external", "summary": "1821315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821315" }, { "category": "external", "summary": "1825714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714" }, { "category": "external", "summary": "1826798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826798" }, { "category": "external", "summary": "1826805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826805" }, { "category": "external", "summary": "1831139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3779.json" } ], "title": "Red Hat Security Advisory: Red Hat Data Grid 7.3.7 security update", "tracking": { "current_release_date": "2024-11-05T22:42:47+00:00", "generator": { "date": "2024-11-05T22:42:47+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2020:3779", "initial_release_date": "2020-09-17T13:07:49+00:00", "revision_history": [ { "date": "2020-09-17T13:07:49+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-09-17T13:07:49+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T22:42:47+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Data Grid 7.3.7", "product": { "name": "Red Hat Data Grid 7.3.7", "product_id": "Red Hat Data Grid 7.3.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_data_grid:7.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Data Grid" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-7656", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2018-06-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1595639" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: HTTP request smuggling using the range header", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty embedded in the nutch package as shipped with Red Hat Satellite 5. The nutch service is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nData Grid 7 has deprecated the agent-bond utility that permits this flaw; it is disabled by default and is no longer supported. While the functionality is still available for backward-compatibility usage, customers are strongly recommended to use Prometheus JMX instead. As the functionality is deprecated and no longer supported, the flaw has been scored as Moderate for Data Grid 7.\n\nData Grid 8 is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7656" }, { "category": "external", "summary": "RHBZ#1595639", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595639" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7656", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7656" } ], "release_date": "2018-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jetty: HTTP request smuggling using the range header" }, { "cve": "CVE-2017-7657", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2018-06-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1595620" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty embedded in the nutch package as shipped with Red Hat Satellite 5. The nutch service is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nData Grid 7 has deprecated the agent-bond utility that permits this flaw; it is disabled by default and is no longer supported. While the functionality is still available for backward-compatibility usage, customers are strongly recommended to use Prometheus JMX instead. As the functionality is deprecated and no longer supported, the flaw has been scored as Moderate for Data Grid 7.\n\nData Grid 8 is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7657" }, { "category": "external", "summary": "RHBZ#1595620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595620" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7657", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7657" } ], "release_date": "2018-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jetty: HTTP request smuggling" }, { "cve": "CVE-2017-7658", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2018-06-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1595621" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: Incorrect header handling", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty embedded in the nutch package as shipped with Red Hat Satellite 5. The nutch service is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nData Grid 7 has deprecated the agent-bond utility that permits this flaw; it is disabled by default and is no longer supported. While the functionality is still available for backward-compatibility usage, customers are strongly recommended to use Prometheus JMX instead. As the functionality is deprecated and no longer supported, the flaw has been scored as Moderate for Data Grid 7.\n\nData Grid 8 is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7658" }, { "category": "external", "summary": "RHBZ#1595621", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595621" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7658", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7658" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7658", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7658" } ], "release_date": "2018-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: Incorrect header handling" }, { "acknowledgments": [ { "names": [ "Brian Stansberry" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-10172", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2019-04-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1715075" } ], "notes": [ { "category": "description", "text": "A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries such that an XML external entity (XXE) vulnerability affects codehaus\u0027s jackson-mapper-asl libraries. This vulnerability is similar to CVE-2016-3720. The primary threat from this flaw is data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-mapper-asl: XML external entity similar to CVE-2016-3720", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10172" }, { "category": "external", "summary": "RHBZ#1715075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715075" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10172", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10172" } ], "release_date": "2019-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-mapper-asl: XML external entity similar to CVE-2016-3720" }, { "acknowledgments": [ { "names": [ "Mirko Selber" ], "organization": "Compass Security" } ], "cve": "CVE-2020-1695", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-07-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1730462" } ], "notes": [ { "category": "description", "text": "A flaw was found in Resteasy, where an improper input validation results in returning an illegal header that integrates into the server\u0027s response. This flaw may result in an injection, which leads to unexpected behavior when the HTTP response is constructed.", "title": "Vulnerability description" }, { "category": "summary", "text": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1695" }, { "category": "external", "summary": "RHBZ#1730462", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730462" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1695", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1695" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1695" } ], "release_date": "2020-04-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class" }, { "cve": "CVE-2020-1710", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2019-12-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1793970" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in JBoss EAP, where it does not process the header field-name in accordance with RFC7230. Whitespace between the header field-name and colon is processed, resulting in an HTTP response code of 200 instead of a bad request of 400.", "title": "Vulnerability description" }, { "category": "summary", "text": "EAP: field-name is not parsed in accordance to RFC7230", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1710" }, { "category": "external", "summary": "RHBZ#1793970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1710", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1710" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1710" } ], "release_date": "2020-08-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "There is currently no known mitigation for this issue.", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "EAP: field-name is not parsed in accordance to RFC7230" }, { "cve": "CVE-2020-1719", "cwe": { "id": "CWE-270", "name": "Privilege Context Switching Error" }, "discovery_date": "2019-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1796617" } ], "notes": [ { "category": "description", "text": "A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1719" }, { "category": "external", "summary": "RHBZ#1796617", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796617" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1719", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1719" } ], "release_date": "2019-06-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain" }, { "acknowledgments": [ { "names": [ "Steve Zapantis", "Robert Roberson", "taktakdb4g" ] } ], "cve": "CVE-2020-1745", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1807305" } ], "notes": [ { "category": "description", "text": "A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: AJP File Read/Inclusion Vulnerability", "title": "Vulnerability summary" }, { "category": "other", "text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1938", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1745" }, { "category": "external", "summary": "RHBZ#1807305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1745", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1745" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1745", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1745" }, { "category": "external", "summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/", "url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/" }, { "category": "external", "summary": "https://www.cnvd.org.cn/webinfo/show/5415", "url": "https://www.cnvd.org.cn/webinfo/show/5415" }, { "category": "external", "summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487", "url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487" } ], "release_date": "2020-02-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: AJP File Read/Inclusion Vulnerability" }, { "cve": "CVE-2020-1748", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "discovery_date": "2020-02-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1807707" } ], "notes": [ { "category": "description", "text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.", "title": "Vulnerability description" }, { "category": "summary", "text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1748" }, { "category": "external", "summary": "RHBZ#1807707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1748" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748" } ], "release_date": "2020-08-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain" }, { "acknowledgments": [ { "names": [ "Fedorov Oleksii", "Keitaro Yamazaki", "Shiga Ryota" ], "organization": "LINE Corporation" } ], "cve": "CVE-2020-1757", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-09-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1752770" } ], "notes": [ { "category": "description", "text": "A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1757" }, { "category": "external", "summary": "RHBZ#1752770", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752770" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1757", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1757" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1757", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1757" } ], "release_date": "2018-12-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The issue can be mitigated by configuring UrlPathHelper to ignore the servletPath via setting \"alwaysUseFullPath\".", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass" }, { "cve": "CVE-2020-8840", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816330" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind in versions 2.0.0 through 2.9.10.2. A \"gadget\" exploit is possible due to a lack of a Java object being blocking from being deserialized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-8840" }, { "category": "external", "summary": "RHBZ#1816330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816330" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8840", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8840" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Lacks certain xbean-reflect/JNDI blocking" }, { "cve": "CVE-2020-9488", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-04-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1831139" } ], "notes": [ { "category": "description", "text": "Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1", "title": "Vulnerability description" }, { "category": "summary", "text": "log4j: improper validation of certificate with host mismatch in SMTP appender", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9488" }, { "category": "external", "summary": "RHBZ#1831139", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831139" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9488", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9488" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9488" } ], "release_date": "2020-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "Previous versions can set the system property mail.smtp.ssl.checkserveridentity to true to globally enable hostname verification for SMTPS connections.", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "log4j: improper validation of certificate with host mismatch in SMTP appender" }, { "cve": "CVE-2020-9546", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816332" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in shaded-hikari-config", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9546" }, { "category": "external", "summary": "RHBZ#1816332", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816332" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9546", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9546" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in shaded-hikari-config" }, { "cve": "CVE-2020-9547", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816337" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in ibatis-sqlmap", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9547" }, { "category": "external", "summary": "RHBZ#1816337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9547", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9547" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in ibatis-sqlmap" }, { "cve": "CVE-2020-9548", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816340" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in anteros-core", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9548" }, { "category": "external", "summary": "RHBZ#1816340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816340" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9548", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9548" } ], "release_date": "2020-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in anteros-core" }, { "cve": "CVE-2020-10672", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2020-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1815495" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10672" }, { "category": "external", "summary": "RHBZ#1815495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10672", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10672" } ], "release_date": "2020-03-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution" }, { "cve": "CVE-2020-10673", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2020-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1815470" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML jackson-databind 2.x mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time. Additionally, the gadget is not available within Red Hat Openstack Platform\u0027s OpenDaylight.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10673" }, { "category": "external", "summary": "RHBZ#1815470", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1815470" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10673", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10673" } ], "release_date": "2020-03-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution" }, { "acknowledgments": [ { "names": [ "Mark Banierink" ], "organization": "Nedap" } ], "cve": "CVE-2020-10714", "cwe": { "id": "CWE-384", "name": "Session Fixation" }, "discovery_date": "2020-03-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1825714" } ], "notes": [ { "category": "description", "text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly-elytron: session fixation when using FORM authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10714" }, { "category": "external", "summary": "RHBZ#1825714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10714" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714" } ], "release_date": "2020-04-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "wildfly-elytron: session fixation when using FORM authentication" }, { "cve": "CVE-2020-10968", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819208" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x prior to version 2.9.10.4. The interaction between serialization gadgets and typing is mishandled in the bus-proxy. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10968" }, { "category": "external", "summary": "RHBZ#1819208", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819208" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10968", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10968" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10968", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10968" } ], "release_date": "2020-03-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider" }, { "cve": "CVE-2020-10969", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819212" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane", "title": "Vulnerability summary" }, { "category": "other", "text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10969" }, { "category": "external", "summary": "RHBZ#1819212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10969", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10969" } ], "release_date": "2020-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Serialization gadgets in javax.swing.JEditorPane" }, { "cve": "CVE-2020-11111", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2020-03-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1821304" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11111" }, { "category": "external", "summary": "RHBZ#1821304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821304" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11111", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11111" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11111", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11111" }, { "category": "external", "summary": "https://github.com/FasterXML/jackson-databind/issues/2664", "url": "https://github.com/FasterXML/jackson-databind/issues/2664" } ], "release_date": "2020-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory" }, { "cve": "CVE-2020-11112", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2020-03-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1821311" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11112" }, { "category": "external", "summary": "RHBZ#1821311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821311" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11112", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11112" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11112", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11112" }, { "category": "external", "summary": "https://github.com/FasterXML/jackson-databind/issues/2666", "url": "https://github.com/FasterXML/jackson-databind/issues/2666" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider" }, { "cve": "CVE-2020-11113", "cwe": { "id": "CWE-96", "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)" }, "discovery_date": "2020-03-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1821315" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11113" }, { "category": "external", "summary": "RHBZ#1821315", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821315" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11113", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11113" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11113", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11113" }, { "category": "external", "summary": "https://github.com/FasterXML/jackson-databind/issues/2670", "url": "https://github.com/FasterXML/jackson-databind/issues/2670" } ], "release_date": "2020-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime" }, { "cve": "CVE-2020-11612", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1816216" } ], "notes": [ { "category": "description", "text": "A flaw was found in Netty in the way it handles the amount of data it compresses and decompresses. The Compression/Decompression codecs should enforce memory allocation size limits to avoid an Out of Memory Error (OOME) or exhaustion of the memory pool.", "title": "Vulnerability description" }, { "category": "summary", "text": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes", "title": "Vulnerability summary" }, { "category": "other", "text": "In OpenShift Container Platform end users don\u0027t have direct access to send requests to ElasticSearch. A user could need access to the ElasticSearch service on the internal cluster network in order to be able to send malicious requests to it.\n\n\nThird party scanners flagging Red Hat Satellite due to availability of the higher version packages in Red Hat AMQ Clients (through errata RHSA-2020:2605) compare to the qpid packages from Satellite Tools repository. qpid dependency fixed in errata RHSA-2020:2605 was for Red Hat AMQ Clients and it doesn\u0027t necessarily mean that packages from Satellite Tools are affected. These are two different products with different architecture and code-base. Updating the packages from any other repository than the Satellite-tools repository is not recommended for Satellite Customers. \n\nRed Hat Satellite 6.7 and earlier ship affected version of netty, however, there is no external connection being exposed and it is used by only Artemis to open an internal connection within the JVM. Since netty does not come into contact with untrusted data, vulnerability is not exposed in product code and there is no breach of Confidentiality, Integrity or Availability expected from this vulnerability. We may update the netty and its dependency in a future release.\n\nMore information regarding Satellite related packages can be found on KCS: https://access.redhat.com/solutions/5200591", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11612" }, { "category": "external", "summary": "RHBZ#1816216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816216" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11612", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11612" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11612" } ], "release_date": "2020-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "netty: compression/decompression codecs don\u0027t enforce limits on buffer allocation sizes" }, { "cve": "CVE-2020-11619", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-04-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1826805" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in org.springframework:spring-aop", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11619" }, { "category": "external", "summary": "RHBZ#1826805", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826805" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11619", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11619" } ], "release_date": "2020-04-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in org.springframework:spring-aop" }, { "cve": "CVE-2020-11620", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2020-04-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1826798" } ], "notes": [ { "category": "description", "text": "A flaw was found in jackson-databind 2.x. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Serialization gadgets in commons-jelly:commons-jelly", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe PKI module as shipped in Red Hat Enterprise Linux 8 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used, lowering the impact of the vulnerability for the Product. We may update the jackson-databind dependency in a future release.\n\nWhile OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nRed Hat Satellite 6 does not enable polymorphic deserialization which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Data Grid 7.3.7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11620" }, { "category": "external", "summary": "RHBZ#1826798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826798" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11620", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11620" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11620", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11620" } ], "release_date": "2020-04-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-09-17T13:07:49+00:00", "details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.7 server patch from the customer portal. See the download link in the References section.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.7 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.", "product_ids": [ "Red Hat Data Grid 7.3.7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:3779" }, { "category": "workaround", "details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`", "product_ids": [ "Red Hat Data Grid 7.3.7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat Data Grid 7.3.7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: Serialization gadgets in commons-jelly:commons-jelly" } ] }
rhsa-2019_0910
Vulnerability from csaf_redhat
Published
2019-04-30 15:18
Modified
2024-11-05 21:03
Summary
Red Hat Security Advisory: Red Hat Fuse 7.3 security update
Notes
Topic
A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)
* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)
* jetty: HTTP request smuggling (CVE-2017-7657)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A minor version update (from 7.2 to 7.3) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of Red Hat Fuse 7.3 serves as a replacement for Red Hat Fuse 7.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\n* struts2: ClassLoader manipulation via request parameters (CVE-2014-0112)\n\n* jetty: HTTP request smuggling (CVE-2017-7657)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:0910", "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.3.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html-single/release_notes/" }, { "category": "external", "summary": "1091939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "category": "external", "summary": "1462702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702" }, { "category": "external", "summary": "1595620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595620" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0910.json" } ], "title": "Red Hat Security Advisory: Red Hat Fuse 7.3 security update", "tracking": { "current_release_date": "2024-11-05T21:03:56+00:00", "generator": { "date": "2024-11-05T21:03:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2019:0910", "initial_release_date": "2019-04-30T15:18:16+00:00", "revision_history": [ { "date": "2019-04-30T15:18:16+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-04-30T15:18:16+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T21:03:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse 7.3", "product": { "name": "Red Hat Fuse 7.3", "product_id": "Red Hat Fuse 7.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:7" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-0112", "discovery_date": "2014-04-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1091939" } ], "notes": [ { "category": "description", "text": "ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.", "title": "Vulnerability description" }, { "category": "summary", "text": "struts2: ClassLoader manipulation via request parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "A previous statement by Red Hat related to this CVE, prior to August 2019, said that Apache Struts 2 is not included in any Red Hat products. This earlier statement was incorrect. While Struts 2 is not actively compiled, shipped, used, or enabled in any Red Hat provided final products, and does not cause any vulnerability in the product, struts2-core jars have been included in some products\u0027 source code packages. The inclusion was part of an import of the Google Guice repository, which includes struts2-core. Customers that build artefacts from our source code could be at risk. Red Hat will remove these artefacts from source code in future releases.\n\nThe products that included the Struts 2 artefacts in their source jars:\nFuse Service Works 6.0.0\nSingle Sign On 7.3.0+\n\nIf you have used the source package from one of these products to build artefacts on your system, you should do the following to remove potentially affected jars:\n1. Run \u0027find . -name struts2*.jar\u0027 under the source location\n2. Remove any files found\nThis will not affect the product, as the jar is included with the source of google-guice, but no functionality requiring struts2 is implemented.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0112" }, { "category": "external", "summary": "RHBZ#1091939", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1091939" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0112", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0112" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0112", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0112" }, { "category": "external", "summary": "https://cwiki.apache.org/confluence/display/WW/S2-021", "url": "https://cwiki.apache.org/confluence/display/WW/S2-021" } ], "release_date": "2014-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-04-30T15:18:16+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.3.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/", "product_ids": [ "Red Hat Fuse 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0910" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "Red Hat Fuse 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "struts2: ClassLoader manipulation via request parameters" }, { "acknowledgments": [ { "names": [ "Liao Xinxi" ], "organization": "NSFOCUS" } ], "cve": "CVE-2017-7525", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2017-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1462702" } ], "notes": [ { "category": "description", "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7525" }, { "category": "external", "summary": "RHBZ#1462702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525" } ], "release_date": "2017-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-04-30T15:18:16+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.3.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/", "product_ids": [ "Red Hat Fuse 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "category": "workaround", "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "product_ids": [ "Red Hat Fuse 7.3" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.3" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper" }, { "cve": "CVE-2017-7657", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2018-06-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1595620" } ], "notes": [ { "category": "description", "text": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "title": "Vulnerability description" }, { "category": "summary", "text": "jetty: HTTP request smuggling", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of jetty embedded in the nutch package as shipped with Red Hat Satellite 5. The nutch service is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nData Grid 7 has deprecated the agent-bond utility that permits this flaw; it is disabled by default and is no longer supported. While the functionality is still available for backward-compatibility usage, customers are strongly recommended to use Prometheus JMX instead. As the functionality is deprecated and no longer supported, the flaw has been scored as Moderate for Data Grid 7.\n\nData Grid 8 is not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-7657" }, { "category": "external", "summary": "RHBZ#1595620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595620" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7657", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7657" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7657", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7657" } ], "release_date": "2018-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-04-30T15:18:16+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.3.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/", "product_ids": [ "Red Hat Fuse 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0910" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jetty: HTTP request smuggling" }, { "cve": "CVE-2019-0194", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2019-04-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1707581" } ], "notes": [ { "category": "description", "text": "Apache Camel\u0027s File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected.", "title": "Vulnerability description" }, { "category": "summary", "text": "camel: Directory traversal in file producer", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse 7.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0194" }, { "category": "external", "summary": "RHBZ#1707581", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707581" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0194", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0194" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0194", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0194" } ], "release_date": "2019-04-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-04-30T15:18:16+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.3.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/", "product_ids": [ "Red Hat Fuse 7.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:0910" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse 7.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "camel: Directory traversal in file producer" } ] }
wid-sec-w-2022-1375
Vulnerability from csaf_certbund
Published
2022-09-11 22:00
Modified
2023-09-14 22:00
Summary
JFrog Artifactory: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JFrog Artifactory ist eine universelle DevOps-Lösung.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszulösen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "JFrog Artifactory ist eine universelle DevOps-L\u00f6sung.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in JFrog Artifactory ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2022-1375 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1375.json" }, { "category": "self", "summary": "WID-SEC-2022-1375 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1375" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:5165 vom 2023-09-14", "url": "https://access.redhat.com/errata/RHSA-2023:5165" }, { "category": "external", "summary": "JFrog Fixed Security Vulnerabilities vom 2022-09-11", "url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities" }, { "category": "external", "summary": "JFrog Fixed Security Vulnerabilities", "url": "https://www.jfrog.com/confluence/display/JFROG/Fixed+Security+Vulnerabilities" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2022:6782 vom 2022-10-04", "url": "https://access.redhat.com/errata/RHSA-2022:6782" }, { "category": "external", "summary": "Ubuntu Security Notice USN-5776-1 vom 2022-12-13", "url": "https://ubuntu.com/security/notices/USN-5776-1" } ], "source_lang": "en-US", "title": "JFrog Artifactory: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-09-14T22:00:00.000+00:00", "generator": { "date": "2024-02-15T16:58:09.779+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2022-1375", "initial_release_date": "2022-09-11T22:00:00.000+00:00", "revision_history": [ { "date": "2022-09-11T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2022-10-03T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates aufgenommen" }, { "date": "2022-10-04T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2022-12-12T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2022-12-20T23:00:00.000+00:00", "number": "5", "summary": "Referenz(en) aufgenommen: FEDORA-2022-DB674BAFD9, FEDORA-2022-7E327A20BE" }, { "date": "2023-09-14T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "6" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "JFrog Artifactory", "product": { "name": "JFrog Artifactory", "product_id": "T024527", "product_identification_helper": { "cpe": "cpe:/a:jfrog:artifactory:-" } } }, { "category": "product_name", "name": "JFrog Artifactory \u003c 7.46.3", "product": { "name": "JFrog Artifactory \u003c 7.46.3", "product_id": "T024764", "product_identification_helper": { "cpe": "cpe:/a:jfrog:artifactory:7.46.3" } } } ], "category": "product_name", "name": "Artifactory" } ], "category": "vendor", "name": "JFrog" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-4517", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2013-4517" }, { "cve": "CVE-2013-7285", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2013-7285" }, { "cve": "CVE-2014-0107", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-0107" }, { "cve": "CVE-2014-0114", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-0114" }, { "cve": "CVE-2014-3577", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-3577" }, { "cve": "CVE-2014-3623", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2014-3623" }, { "cve": "CVE-2015-0227", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-0227" }, { "cve": "CVE-2015-2575", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-2575" }, { "cve": "CVE-2015-3253", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-3253" }, { "cve": "CVE-2015-4852", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-4852" }, { "cve": "CVE-2015-7940", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2015-7940" }, { "cve": "CVE-2016-10750", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-10750" }, { "cve": "CVE-2016-3092", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-3092" }, { "cve": "CVE-2016-3674", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-3674" }, { "cve": "CVE-2016-6501", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-6501" }, { "cve": "CVE-2016-8735", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-8735" }, { "cve": "CVE-2016-8745", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2016-8745" }, { "cve": "CVE-2017-1000487", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-1000487" }, { "cve": "CVE-2017-15095", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-15095" }, { "cve": "CVE-2017-17485", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-17485" }, { "cve": "CVE-2017-18214", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-18214" }, { "cve": "CVE-2017-18640", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-18640" }, { "cve": "CVE-2017-7525", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7525" }, { "cve": "CVE-2017-7657", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7657" }, { "cve": "CVE-2017-7957", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-7957" }, { "cve": "CVE-2017-9506", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2017-9506" }, { "cve": "CVE-2018-1000206", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2018-1000206" }, { "cve": "CVE-2018-9116", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2018-9116" }, { "cve": "CVE-2019-10219", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-10219" }, { "cve": "CVE-2019-12402", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-12402" }, { "cve": "CVE-2019-17359", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-17359" }, { "cve": "CVE-2019-17571", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-17571" }, { "cve": "CVE-2019-20104", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2019-20104" }, { "cve": "CVE-2020-11996", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-11996" }, { "cve": "CVE-2020-13934", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13934" }, { "cve": "CVE-2020-13935", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13935" }, { "cve": "CVE-2020-13949", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-13949" }, { "cve": "CVE-2020-14340", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-14340" }, { "cve": "CVE-2020-15586", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-15586" }, { "cve": "CVE-2020-1745", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-1745" }, { "cve": "CVE-2020-17521", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-17521" }, { "cve": "CVE-2020-25649", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-25649" }, { "cve": "CVE-2020-28500", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-28500" }, { "cve": "CVE-2020-29582", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-29582" }, { "cve": "CVE-2020-36518", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-36518" }, { "cve": "CVE-2020-7226", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-7226" }, { "cve": "CVE-2020-7692", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-7692" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2020-8203" }, { "cve": "CVE-2021-13936", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-13936" }, { "cve": "CVE-2021-21290", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-21290" }, { "cve": "CVE-2021-22060", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22060" }, { "cve": "CVE-2021-22112", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22112" }, { "cve": "CVE-2021-22119", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22119" }, { "cve": "CVE-2021-22147", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22147" }, { "cve": "CVE-2021-22148", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22148" }, { "cve": "CVE-2021-22149", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22149" }, { "cve": "CVE-2021-22573", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-22573" }, { "cve": "CVE-2021-23337", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-23337" }, { "cve": "CVE-2021-25122", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-25122" }, { "cve": "CVE-2021-26291", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-26291" }, { "cve": "CVE-2021-27568", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-27568" }, { "cve": "CVE-2021-29505", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-29505" }, { "cve": "CVE-2021-30129", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-30129" }, { "cve": "CVE-2021-33037", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-33037" }, { "cve": "CVE-2021-35550", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35550" }, { "cve": "CVE-2021-35556", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35556" }, { "cve": "CVE-2021-35560", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35560" }, { "cve": "CVE-2021-35561", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35561" }, { "cve": "CVE-2021-35564", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35564" }, { "cve": "CVE-2021-35565", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35565" }, { "cve": "CVE-2021-35567", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35567" }, { "cve": "CVE-2021-35578", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35578" }, { "cve": "CVE-2021-35586", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35586" }, { "cve": "CVE-2021-35588", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35588" }, { "cve": "CVE-2021-35603", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-35603" }, { "cve": "CVE-2021-36374", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-36374" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-3859", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-3859" }, { "cve": "CVE-2021-41090", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-41090" }, { "cve": "CVE-2021-41091", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-41091" }, { "cve": "CVE-2021-42340", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-42340" }, { "cve": "CVE-2021-42550", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-42550" }, { "cve": "CVE-2021-43797", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2021-43797" }, { "cve": "CVE-2022-0536", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-0536" }, { "cve": "CVE-2022-22963", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-22963" }, { "cve": "CVE-2022-23632", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23632" }, { "cve": "CVE-2022-23648", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23648" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-24769", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-24769" }, { "cve": "CVE-2022-24823", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-24823" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-29153", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-29153" }, { "cve": "CVE-2022-32212", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32212" }, { "cve": "CVE-2022-32213", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32213" }, { "cve": "CVE-2022-32214", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32214" }, { "cve": "CVE-2022-32215", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32215" }, { "cve": "CVE-2022-32223", "notes": [ { "category": "description", "text": "In JFrog Artifactory existieren Zahlreiche Schwachstellen in verschiedenen Komponenten von Drittanbietern. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand auszul\u00f6sen. Das erfolgreiche Ausnutzen einiger dieser Schwachstellen erfordert eine Benutzerinteraktion und erh\u00f6hte Rechte." } ], "product_status": { "known_affected": [ "T024527", "67646", "T000126", "T024764" ] }, "release_date": "2022-09-11T22:00:00Z", "title": "CVE-2022-32223" } ] }
ghsa-vgg8-72f2-qm23
Vulnerability from github
Published
2018-10-19 16:15
Modified
2021-06-10 20:19
Severity ?
Summary
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server
Details
In Eclipse Jetty, versions 9.2.x and older, 9.3.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 9.2.25.v20180105" }, "package": { "ecosystem": "Maven", "name": "org.eclipse.jetty:jetty-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "9.2.25.v20180606" } ], "type": "ECOSYSTEM" } ] }, { "database_specific": { "last_known_affected_version_range": "\u003c= 9.3.23.v20180228" }, "package": { "ecosystem": "Maven", "name": "org.eclipse.jetty:jetty-server" }, "ranges": [ { "events": [ { "introduced": "9.3.0" }, { "fixed": "9.3.24.v20180605" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2017-7657" ], "database_specific": { "cwe_ids": [ "CWE-190", "CWE-444" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:57:40Z", "nvd_published_at": "2018-06-26T16:29:00Z", "severity": "CRITICAL" }, "details": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x, transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", "id": "GHSA-vgg8-72f2-qm23", "modified": "2021-06-10T20:19:49Z", "published": "2018-10-19T16:15:34Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7657" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2019:0910" }, { "type": "WEB", "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-vgg8-72f2-qm23" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E" }, { "type": "WEB", "url": "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20181014-0001" }, { "type": "WEB", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03953en_us" }, { "type": "WEB", "url": "https://www.debian.org/security/2018/dsa-4278" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1041194" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Critical severity vulnerability that affects org.eclipse.jetty:jetty-server" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.