rhsa-2014_0401
Vulnerability from csaf_redhat
Published
2014-04-14 13:46
Modified
2024-11-22 08:11
Summary
Red Hat Security Advisory: Red Hat JBoss A-MQ 6.1.0 update
Notes
Topic
Red Hat JBoss A-MQ 6.1.0, which fixes multiple security issues, several
bugs, and adds various enhancements, is now available from the Red Hat
Customer Portal.
The Red Hat Security Response Team has rated this update as having
Moderate security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant
messaging system that is tailored for use in mission critical applications.
Red Hat JBoss A-MQ 6.1.0 is a minor product release that updates Red Hat
JBoss A-MQ 6.0.0 and includes several bug fixes and enhancements. Refer to
the Release Notes document, available from the link in the References
section, for a list of changes.
The following security issues are resolved with this update:
A flaw was found in the Apache Hadoop RPC protocol. A man-in-the-middle
attacker could possibly use this flaw to unilaterally disable bidirectional
authentication between a client and a server, forcing a downgrade to simple
(unidirectional) authentication. This flaw only affected users who have
enabled Hadoop's Kerberos security features. (CVE-2013-2192)
It was discovered that the Spring OXM wrapper did not expose any property
for disabling entity resolution when using the JAXB unmarshaller. A remote
attacker could use this flaw to conduct XML External Entity (XXE) attacks
on web sites, and read files in the context of the user running the
application server. The patch for this flaw disables external entity
processing by default, and provides a configuration directive to re-enable
it. (CVE-2013-4152)
It was found that the Spring MVC SourceHttpMessageConverter enabled entity
resolution by default. A remote attacker could use this flaw to conduct XXE
attacks on web sites, and read files in the context of the user running the
application server. The patch for this flaw disables external entity
processing by default, and introduces a property to re-enable it.
(CVE-2013-6429)
The Spring JavaScript escape method insufficiently escaped some characters.
Applications using this method to escape user-supplied content, which would
be rendered in HTML5 documents, could be exposed to cross-site scripting
(XSS) flaws. (CVE-2013-6430)
A denial of service flaw was found in the way Apache Commons FileUpload
handled small-sized buffers used by MultipartStream. A remote attacker
could use this flaw to create a malformed Content-Type header for a
multipart request, causing Apache Commons FileUpload to enter an infinite
loop when processing such an incoming request. (CVE-2014-0050)
It was found that fixes for the CVE-2013-4152 and CVE-2013-6429 XXE issues
in Spring were incomplete. Spring MVC processed user-provided XML and
neither disabled XML external entities nor provided an option to disable
them, possibly allowing a remote attacker to conduct XXE attacks.
(CVE-2014-0054)
A cross-site scripting (XSS) flaw was found in the Spring Framework when
using Spring MVC. When the action was not specified in a Spring form, the
action field would be populated with the requested URI, allowing an
attacker to inject malicious content into the form. (CVE-2014-1904)
The HawtJNI Library class wrote native libraries to a predictable file name
in /tmp when the native libraries were bundled in a JAR file, and no custom
library path was specified. A local attacker could overwrite these native
libraries with malicious versions during the window between when HawtJNI
writes them and when they are executed. (CVE-2013-2035)
An information disclosure flaw was found in the way Apache Zookeeper stored
the password of an administrative user in the log files. A local user with
access to these log files could use the exposed sensitive information to
gain administrative access to an application using Apache Zookeeper.
(CVE-2014-0085)
The CVE-2013-6430 issue was discovered by Jon Passki of Coverity SRL and
Arun Neelicattu of the Red Hat Security Response Team, the CVE-2013-2035
issue was discovered by Florian Weimer of the Red Hat Product Security
Team, and the CVE-2014-0085 issue was discovered by Graeme Colman of
Red Hat.
All users of Red Hat JBoss A-MQ 6.0.0 as provided from the Red Hat Customer
Portal are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss A-MQ 6.1.0, which fixes multiple security issues, several\nbugs, and adds various enhancements, is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nRed Hat JBoss A-MQ 6.1.0 is a minor product release that updates Red Hat\nJBoss A-MQ 6.0.0 and includes several bug fixes and enhancements. Refer to\nthe Release Notes document, available from the link in the References\nsection, for a list of changes.\n\nThe following security issues are resolved with this update:\n\nA flaw was found in the Apache Hadoop RPC protocol. A man-in-the-middle\nattacker could possibly use this flaw to unilaterally disable bidirectional\nauthentication between a client and a server, forcing a downgrade to simple\n(unidirectional) authentication. This flaw only affected users who have\nenabled Hadoop\u0027s Kerberos security features. (CVE-2013-2192)\n\nIt was discovered that the Spring OXM wrapper did not expose any property\nfor disabling entity resolution when using the JAXB unmarshaller. A remote\nattacker could use this flaw to conduct XML External Entity (XXE) attacks\non web sites, and read files in the context of the user running the\napplication server. The patch for this flaw disables external entity\nprocessing by default, and provides a configuration directive to re-enable\nit. (CVE-2013-4152)\n\nIt was found that the Spring MVC SourceHttpMessageConverter enabled entity\nresolution by default. A remote attacker could use this flaw to conduct XXE\nattacks on web sites, and read files in the context of the user running the\napplication server. The patch for this flaw disables external entity\nprocessing by default, and introduces a property to re-enable it.\n(CVE-2013-6429)\n\nThe Spring JavaScript escape method insufficiently escaped some characters.\nApplications using this method to escape user-supplied content, which would\nbe rendered in HTML5 documents, could be exposed to cross-site scripting\n(XSS) flaws. (CVE-2013-6430)\n\nA denial of service flaw was found in the way Apache Commons FileUpload\nhandled small-sized buffers used by MultipartStream. A remote attacker\ncould use this flaw to create a malformed Content-Type header for a\nmultipart request, causing Apache Commons FileUpload to enter an infinite\nloop when processing such an incoming request. (CVE-2014-0050)\n\nIt was found that fixes for the CVE-2013-4152 and CVE-2013-6429 XXE issues\nin Spring were incomplete. Spring MVC processed user-provided XML and\nneither disabled XML external entities nor provided an option to disable\nthem, possibly allowing a remote attacker to conduct XXE attacks.\n(CVE-2014-0054)\n\nA cross-site scripting (XSS) flaw was found in the Spring Framework when\nusing Spring MVC. When the action was not specified in a Spring form, the\naction field would be populated with the requested URI, allowing an\nattacker to inject malicious content into the form. (CVE-2014-1904)\n\nThe HawtJNI Library class wrote native libraries to a predictable file name\nin /tmp when the native libraries were bundled in a JAR file, and no custom\nlibrary path was specified. A local attacker could overwrite these native\nlibraries with malicious versions during the window between when HawtJNI\nwrites them and when they are executed. (CVE-2013-2035)\n\nAn information disclosure flaw was found in the way Apache Zookeeper stored\nthe password of an administrative user in the log files. A local user with\naccess to these log files could use the exposed sensitive information to\ngain administrative access to an application using Apache Zookeeper.\n(CVE-2014-0085)\n\nThe CVE-2013-6430 issue was discovered by Jon Passki of Coverity SRL and\nArun Neelicattu of the Red Hat Security Response Team, the CVE-2013-2035\nissue was discovered by Florian Weimer of the Red Hat Product Security\nTeam, and the CVE-2014-0085 issue was discovered by Graeme Colman of\nRed Hat.\n\nAll users of Red Hat JBoss A-MQ 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0401", "url": "https://access.redhat.com/errata/RHSA-2014:0401" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq\u0026downloadType=distributions\u0026version=6.1.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq\u0026downloadType=distributions\u0026version=6.1.0" }, { "category": "external", "summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_A-MQ/", "url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_A-MQ/" }, { "category": "external", "summary": "958618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618" }, { "category": "external", "summary": "1000186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186" }, { "category": "external", "summary": "1001326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326" }, { "category": "external", "summary": "1039783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783" }, { "category": "external", "summary": "1053290", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290" }, { "category": "external", "summary": "1062337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337" }, { "category": "external", "summary": "1067265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067265" }, { "category": "external", "summary": "1075296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296" }, { "category": "external", "summary": "1075328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0401.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss A-MQ 6.1.0 update", "tracking": { "current_release_date": "2024-11-22T08:11:43+00:00", "generator": { "date": "2024-11-22T08:11:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2014:0401", "initial_release_date": "2014-04-14T13:46:41+00:00", "revision_history": [ { "date": "2014-04-14T13:46:41+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-02-20T12:33:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T08:11:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss A-MQ 6.1", "product": { "name": "Red Hat JBoss A-MQ 6.1", "product_id": "Red Hat JBoss A-MQ 6.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:6.1.0" } } } ], "category": "product_family", "name": "Red Hat JBoss AMQ" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-1624", "cwe": { "id": "CWE-385", "name": "Covert Timing Channel" }, "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "908428" } ], "notes": [ { "category": "description", "text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.", "title": "Vulnerability description" }, { "category": "summary", "text": "bouncycastle: TLS CBC padding timing attack", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1624" }, { "category": "external", "summary": "RHBZ#908428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf", "url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "bouncycastle: TLS CBC padding timing attack" }, { "acknowledgments": [ { "names": [ "Florian Weimer" ], "organization": "Red Hat Product Security Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-2035", "cwe": { "id": "CWE-377", "name": "Insecure Temporary File" }, "discovery_date": "2013-04-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "958618" } ], "notes": [ { "category": "description", "text": "The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJNI writes them and when they are executed.", "title": "Vulnerability description" }, { "category": "summary", "text": "HawtJNI: predictable temporary file name leading to local arbitrary code execution", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2035" }, { "category": "external", "summary": "RHBZ#958618", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2035", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2035" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035" } ], "release_date": "2013-05-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "HawtJNI: predictable temporary file name leading to local arbitrary code execution" }, { "cve": "CVE-2013-2192", "discovery_date": "2013-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1001326" } ], "notes": [ { "category": "description", "text": "The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.", "title": "Vulnerability description" }, { "category": "summary", "text": "hadoop: man-in-the-middle vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2192" }, { "category": "external", "summary": "RHBZ#1001326", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2192", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2192" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192" } ], "release_date": "2013-08-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hadoop: man-in-the-middle vulnerability" }, { "cve": "CVE-2013-4152", "discovery_date": "2013-08-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1000186" } ], "notes": [ { "category": "description", "text": "The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "Framework: XML External Entity (XXE) injection flaw", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4152" }, { "category": "external", "summary": "RHBZ#1000186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4152", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4152" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152" }, { "category": "external", "summary": "http://www.gopivotal.com/security/cve-2013-4152", "url": "http://www.gopivotal.com/security/cve-2013-4152" }, { "category": "external", "summary": "https://github.com/SpringSource/spring-framework/pull/317", "url": "https://github.com/SpringSource/spring-framework/pull/317" }, { "category": "external", "summary": "https://jira.springsource.org/browse/SPR-10806", "url": "https://jira.springsource.org/browse/SPR-10806" } ], "release_date": "2013-08-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Framework: XML External Entity (XXE) injection flaw" }, { "cve": "CVE-2013-6429", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053290" } ], "notes": [ { "category": "description", "text": "The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.", "title": "Vulnerability description" }, { "category": "summary", "text": "Framework: XML External Entity (XXE) injection flaw", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-6429" }, { "category": "external", "summary": "RHBZ#1053290", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6429", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6429" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429" }, { "category": "external", "summary": "http://www.gopivotal.com/security/cve-2013-6429", "url": "http://www.gopivotal.com/security/cve-2013-6429" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Framework: XML External Entity (XXE) injection flaw" }, { "acknowledgments": [ { "names": [ "Jon Passki" ], "organization": "Coverity SRL" }, { "names": [ "Arun Neelicattu" ], "organization": "Red Hat Security Response Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-6430", "discovery_date": "2013-12-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1039783" } ], "notes": [ { "category": "description", "text": "The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.", "title": "Vulnerability description" }, { "category": "summary", "text": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-6430" }, { "category": "external", "summary": "RHBZ#1039783", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-6430", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6430" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430" }, { "category": "external", "summary": "http://www.gopivotal.com/security/cve-2013-6430", "url": "http://www.gopivotal.com/security/cve-2013-6430" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters" }, { "cve": "CVE-2014-0050", "discovery_date": "2014-02-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1062337" } ], "notes": [ { "category": "description", "text": "A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat and JBoss Web, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0050" }, { "category": "external", "summary": "RHBZ#1062337", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0050", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0050" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050" } ], "release_date": "2014-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream" }, { "cve": "CVE-2014-0054", "discovery_date": "2014-03-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1075328" } ], "notes": [ { "category": "description", "text": "The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.", "title": "Vulnerability description" }, { "category": "summary", "text": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle, as such this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle: https://access.redhat.com/site/support/policy/updates/openshift page.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0054" }, { "category": "external", "summary": "RHBZ#1075328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0054", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0054" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054" }, { "category": "external", "summary": "http://www.gopivotal.com/security/cve-2014-0054", "url": "http://www.gopivotal.com/security/cve-2014-0054" } ], "release_date": "2014-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429" }, { "acknowledgments": [ { "names": [ "Graeme Colman" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2014-0085", "cwe": { "id": "CWE-522", "name": "Insufficiently Protected Credentials" }, "discovery_date": "2014-02-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1067265" } ], "notes": [ { "category": "description", "text": "JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. This issue is a vulnerability in JBoss Fuse\u0027s usage of Apache Zookeeper, not in Zookeeper itself as was previously stated.", "title": "Vulnerability description" }, { "category": "summary", "text": "Fuse: admin user cleartext password appears in logging", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw only affects Apache Zookeeper in conjunction with Fuse Fabric. Fuse Fabric was storing cleartext passwords, which would appear as cleartext in Apache Zookeeper\u0027s log files. Fuse Fabric now encrypts passwords by default.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0085" }, { "category": "external", "summary": "RHBZ#1067265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067265" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0085", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0085" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0085", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0085" } ], "release_date": "2014-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Fuse: admin user cleartext password appears in logging" }, { "cve": "CVE-2014-1904", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2014-03-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1075296" } ], "notes": [ { "category": "description", "text": "Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.", "title": "Vulnerability description" }, { "category": "summary", "text": "Framework: cross-site scripting flaw when using Spring MVC", "title": "Vulnerability summary" }, { "category": "other", "text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle, as such this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle: https://access.redhat.com/site/support/policy/updates/openshift page.\n\nFuse ESB Enterprise is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-1904" }, { "category": "external", "summary": "RHBZ#1075296", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-1904", "url": "https://www.cve.org/CVERecord?id=CVE-2014-1904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904" }, { "category": "external", "summary": "http://www.gopivotal.com/security/cve-2014-1904", "url": "http://www.gopivotal.com/security/cve-2014-1904" } ], "release_date": "2014-02-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-14T13:46:41+00:00", "details": "The References section of this erratum contains a download link (you must\nlog in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0401" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "Red Hat JBoss A-MQ 6.1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Framework: cross-site scripting flaw when using Spring MVC" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.