cvelistv5 - cve-2018-1295

CVE-2018-1295 (GCVE-0-2018-1295)

Vulnerability from cvelistv5 – Published: 2018-04-02 17:00 – Updated: 2024-09-17 01:06

Summary

In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.

Severity ?

No CVSS data available.

CWE

Information Disclosure

Assigner

apache

References

URL

	Vendor	Product	Version
	Apache Software Foundation	Apache Ignite	Affected: 2.3 and earlier

FKIE_CVE-2018-1295

Vulnerability from fkie_nvd - Published: 2018-04-02 17:29 - Updated: 2024-11-21 03:59

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
security@apache.org	http://www.securityfocus.com/bid/103692	Third Party Advisory, VDB Entry
security@apache.org	https://access.redhat.com/errata/RHSA-2018:2405	Third Party Advisory
security@apache.org	https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209%40%3Cdev.ignite.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/103692	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2018:2405	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209%40%3Cdev.ignite.apache.org%3E

Impacted products

	Vendor	Product	Version
	apache	ignite	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0B26840-2773-4E40-B366-E8C98ECEE889",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."
    },
    {
      "lang": "es",
      "value": "En Apache Ignite 2.3 o anterior, el mecanismo de serializaci\u00f3n no tiene una lista de clases permitidas para serializar/deserializar, lo que hace posible que se ejecute c\u00f3digo arbitrario cuando clases vulnerables de terceros est\u00e1n presentes en la ruta de clases de Ignite. La vulnerabilidad se puede explotar si uno env\u00eda un forma especial de objeto serializado a uno de los extremos de deserializaci\u00f3n de determinados componentes de Ignite - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."
    }
  ],
  "id": "CVE-2018-1295",
  "lastModified": "2024-11-21T03:59:33.920",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-02T17:29:00.277",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103692"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2405"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209%40%3Cdev.ignite.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103692"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:2405"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209%40%3Cdev.ignite.apache.org%3E"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-502"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2018_2405

Vulnerability from csaf_redhat - Published: 2018-08-14 19:51 - Updated: 2024-11-22 12:13

Summary

Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update

Notes

Topic

An update is now available for Red Hat Fuse Integration Services. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix(es): * undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196) * spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046) * spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199) * ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295) * spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. The CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046)\n\n* spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199)\n\n* ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295)\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:2405",
        "url": "https://access.redhat.com/errata/RHSA-2018:2405"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3060411",
        "url": "https://access.redhat.com/articles/3060411"
      },
      {
        "category": "external",
        "summary": "1503055",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055"
      },
      {
        "category": "external",
        "summary": "1540030",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030"
      },
      {
        "category": "external",
        "summary": "1553024",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024"
      },
      {
        "category": "external",
        "summary": "1563133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133"
      },
      {
        "category": "external",
        "summary": "1563732",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2405.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T12:13:00+00:00",
      "generator": {
        "date": "2024-11-22T12:13:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:2405",
      "initial_release_date": "2018-08-14T19:51:07+00:00",
      "revision_history": [
        {
          "date": "2018-08-14T19:51:07+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-08-14T19:51:07+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T12:13:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                "product": {
                  "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                  "product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-8046",
      "discovery_date": "2018-03-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1553024"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "While there might be compatibility issues upgrading Spring REST Data independently of the Spring Boot version we recommend that customers make sure they are using a fixed version of Spring Data REST 2.6.9, or 3.0.1. RHOAR has now upgraded to version 1.5.10 of Spring Boot which is compatible with fixed versions of Spring DATA Rest.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-8046"
        },
        {
          "category": "external",
          "summary": "RHBZ#1553024",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8046",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046"
        }
      ],
      "release_date": "2018-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jan Stourac"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12196",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2017-10-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1503055"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Client can use bogus uri in Digest authentication",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12196"
        },
        {
          "category": "external",
          "summary": "RHBZ#1503055",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196"
        }
      ],
      "release_date": "2018-03-12T15:56:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Client can use bogus uri in Digest authentication"
    },
    {
      "cve": "CVE-2018-1199",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-01-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1540030"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "RHBZ#1540030",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1199",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "https://pivotal.io/security/cve-2018-1199",
          "url": "https://pivotal.io/security/cve-2018-1199"
        }
      ],
      "release_date": "2018-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        },
        {
          "category": "workaround",
          "details": "As a general precaution, users are encouraged to separate public and private resources. For example, separating static resources and mapping them to /resources/public/** and /resources/private/** is preferred to having one common root with mixed public and private resource content underneath.",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources"
    },
    {
      "cve": "CVE-2018-1295",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2018-04-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1563133"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "RHBZ#1563133",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1295",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E",
          "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E"
        }
      ],
      "release_date": "2018-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints"
    },
    {
      "cve": "CVE-2018-9159",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2018-04-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1563732"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-9159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1563732",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159"
        }
      ],
      "release_date": "2018-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure"
    }
  ]
}

RHSA-2018:2405

Vulnerability from csaf_redhat - Published: 2018-08-14 19:51 - Updated: 2025-11-21 18:05

Summary

Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046)\n\n* spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199)\n\n* ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295)\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:2405",
        "url": "https://access.redhat.com/errata/RHSA-2018:2405"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3060411",
        "url": "https://access.redhat.com/articles/3060411"
      },
      {
        "category": "external",
        "summary": "1503055",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055"
      },
      {
        "category": "external",
        "summary": "1540030",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030"
      },
      {
        "category": "external",
        "summary": "1553024",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024"
      },
      {
        "category": "external",
        "summary": "1563133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133"
      },
      {
        "category": "external",
        "summary": "1563732",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2405.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T18:05:50+00:00",
      "generator": {
        "date": "2025-11-21T18:05:50+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2018:2405",
      "initial_release_date": "2018-08-14T19:51:07+00:00",
      "revision_history": [
        {
          "date": "2018-08-14T19:51:07+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-08-14T19:51:07+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T18:05:50+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                "product": {
                  "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                  "product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-8046",
      "discovery_date": "2018-03-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1553024"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "While there might be compatibility issues upgrading Spring REST Data independently of the Spring Boot version we recommend that customers make sure they are using a fixed version of Spring Data REST 2.6.9, or 3.0.1. RHOAR has now upgraded to version 1.5.10 of Spring Boot which is compatible with fixed versions of Spring DATA Rest.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-8046"
        },
        {
          "category": "external",
          "summary": "RHBZ#1553024",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8046",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046"
        }
      ],
      "release_date": "2018-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Jan Stourac"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12196",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2017-10-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1503055"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: Client can use bogus uri in Digest authentication",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12196"
        },
        {
          "category": "external",
          "summary": "RHBZ#1503055",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196"
        }
      ],
      "release_date": "2018-03-12T15:56:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: Client can use bogus uri in Digest authentication"
    },
    {
      "cve": "CVE-2018-1199",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-01-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1540030"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "RHBZ#1540030",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1199",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199"
        },
        {
          "category": "external",
          "summary": "https://pivotal.io/security/cve-2018-1199",
          "url": "https://pivotal.io/security/cve-2018-1199"
        }
      ],
      "release_date": "2018-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        },
        {
          "category": "workaround",
          "details": "As a general precaution, users are encouraged to separate public and private resources. For example, separating static resources and mapping them to /resources/public/** and /resources/private/** is preferred to having one common root with mixed public and private resource content underneath.",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources"
    },
    {
      "cve": "CVE-2018-1295",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2018-04-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1563133"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "RHBZ#1563133",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1295",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E",
          "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E"
        }
      ],
      "release_date": "2018-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints"
    },
    {
      "cve": "CVE-2018-9159",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2018-04-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1563732"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-9159"
        },
        {
          "category": "external",
          "summary": "RHBZ#1563732",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159"
        }
      ],
      "release_date": "2018-03-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-08-14T19:51:07+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411",
          "product_ids": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:2405"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure"
    }
  ]
}

GHSA-CHP4-RV79-68J3

Vulnerability from github – Published: 2018-10-16 20:53 – Updated: 2024-04-19 19:24

Summary

Apache serialization mechanism does not have a list of classes allowed for serialization/deserialization

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.ignite:ignite-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-1295"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:31:49Z",
    "nvd_published_at": null,
    "severity": "CRITICAL"
  },
  "details": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.",
  "id": "GHSA-chp4-rv79-68j3",
  "modified": "2024-04-19T19:24:01Z",
  "published": "2018-10-16T20:53:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:2405"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-chp4-rv79-68j3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/ignite"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200227125559/http://www.securityfocus.com/bid/103692"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache serialization mechanism does not have a list of classes allowed for serialization/deserialization"
}

CNVD-2018-07224

Vulnerability from cnvd - Published: 2018-04-09

Title

Apache Ignite任意代码执行漏洞

Description

Apache Ignite是美国阿帕奇（Apache）软件基金会的一套高性能、集成化和分布式的用于大规模的数据集处理的内存计算和事务管理平台。 Apache Ignite 2.3及之前的版本中存在安全漏洞，该漏洞源于序列化机制不含有允许序列化/反序列化类型的列表。攻击者可通过向Ignite组件的反序列化端点发送特制的序列化对象利用该漏洞执行代码。

Severity

中

Patch Name

Apache Ignite任意代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E

Reference

https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E

Impacted products

Name
Apache Ignite <=2.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1295"
    }
  },
  "description": "Apache Ignite\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u9ad8\u6027\u80fd\u3001\u96c6\u6210\u5316\u548c\u5206\u5e03\u5f0f\u7684\u7528\u4e8e\u5927\u89c4\u6a21\u7684\u6570\u636e\u96c6\u5904\u7406\u7684\u5185\u5b58\u8ba1\u7b97\u548c\u4e8b\u52a1\u7ba1\u7406\u5e73\u53f0\u3002\r\n\r\nApache Ignite 2.3\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e8f\u5217\u5316\u673a\u5236\u4e0d\u542b\u6709\u5141\u8bb8\u5e8f\u5217\u5316/\u53cd\u5e8f\u5217\u5316\u7c7b\u578b\u7684\u5217\u8868\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411Ignite\u7ec4\u4ef6\u7684\u53cd\u5e8f\u5217\u5316\u7aef\u70b9\u53d1\u9001\u7279\u5236\u7684\u5e8f\u5217\u5316\u5bf9\u8c61\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "Man Yue Mo of lgtm.com",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-07224",
  "openTime": "2018-04-09",
  "patchDescription": "Apache Ignite\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u9ad8\u6027\u80fd\u3001\u96c6\u6210\u5316\u548c\u5206\u5e03\u5f0f\u7684\u7528\u4e8e\u5927\u89c4\u6a21\u7684\u6570\u636e\u96c6\u5904\u7406\u7684\u5185\u5b58\u8ba1\u7b97\u548c\u4e8b\u52a1\u7ba1\u7406\u5e73\u53f0\u3002\r\n\r\nApache Ignite 2.3\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5e8f\u5217\u5316\u673a\u5236\u4e0d\u542b\u6709\u5141\u8bb8\u5e8f\u5217\u5316/\u53cd\u5e8f\u5217\u5316\u7c7b\u578b\u7684\u5217\u8868\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411Ignite\u7ec4\u4ef6\u7684\u53cd\u5e8f\u5217\u5316\u7aef\u70b9\u53d1\u9001\u7279\u5236\u7684\u5e8f\u5217\u5316\u5bf9\u8c61\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Ignite\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Ignite \u003c=2.3"
  },
  "referenceLink": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E",
  "serverity": "\u4e2d",
  "submitTime": "2018-04-03",
  "title": "Apache Ignite\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GSD-2018-1295

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-1295

Aliases

CVE-2018-1295

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-1295",
    "description": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.",
    "id": "GSD-2018-1295",
    "references": [
      "https://access.redhat.com/errata/RHSA-2018:2405"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-1295"
      ],
      "details": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.",
      "id": "GSD-2018-1295",
      "modified": "2023-12-13T01:22:37.571147Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2018-04-01T00:00:00",
        "ID": "CVE-2018-1295",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Ignite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2.3 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[dev] 20180402 [CVE-2018-1295]: Possible Execution of Arbitrary Code Within Deserialization Endpoints of Apache Ignite",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E"
          },
          {
            "name": "RHSA-2018:2405",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:2405"
          },
          {
            "name": "103692",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103692"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,2.3.0]",
          "affected_versions": "All versions up to 2.3.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-502",
            "CWE-937"
          ],
          "date": "2019-03-05",
          "description": "In Apache Ignite, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3rd party vulnerable classes are present in Ignite classpath.",
          "fixed_versions": [
            "2.4.0"
          ],
          "identifier": "CVE-2018-1295",
          "identifiers": [
            "CVE-2018-1295"
          ],
          "not_impacted": "All version after 2.3.0",
          "package_slug": "maven/org.apache.ignite/ignite-core",
          "pubdate": "2018-04-02",
          "solution": "Upgrade to version 2.4.0 or above.",
          "title": "Deserialization of Untrusted Data",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-1295",
            "http://www.securityfocus.com/bid/103692"
          ],
          "uuid": "71133933-2f42-4508-8636-5987253c38ee"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:ignite:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2018-1295"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-502"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[dev] 20180402 [CVE-2018-1295]: Possible Execution of Arbitrary Code Within Deserialization Endpoints of Apache Ignite",
              "refsource": "MLIST",
              "tags": [
                "Mitigation",
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E"
            },
            {
              "name": "103692",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103692"
            },
            {
              "name": "RHSA-2018:2405",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:2405"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-03-05T18:38Z",
      "publishedDate": "2018-04-02T17:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-1295 (GCVE-0-2018-1295)

FKIE_CVE-2018-1295

RHSA-2018_2405

RHSA-2018:2405

GHSA-CHP4-RV79-68J3

CNVD-2018-07224

GSD-2018-1295

Tags

Sightings

Nomenclature