rhsa-2020_4961
Vulnerability from csaf_redhat
Published
2020-11-05 18:48
Modified
2024-09-16 04:55
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.9.0 security update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)
* batik: SSRF via "xlink:href" (CVE-2019-17566)
* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)
* ant: insecure temporary file vulnerability (CVE-2020-1945)
* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)
* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)
* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)
* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)
* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)
* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900)\n\n* batik: SSRF via \"xlink:href\" (CVE-2019-17566)\n\n* Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748)\n\n* ant: insecure temporary file vulnerability (CVE-2020-1945)\n\n* dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683)\n\n* hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693)\n\n* wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714)\n\n* cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875)\n\n* mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933)\n\n* mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4961",
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.9.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.9.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.9/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.9/"
},
{
"category": "external",
"summary": "1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_4961.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.9.0 security update",
"tracking": {
"current_release_date": "2024-09-16T04:55:00+00:00",
"generator": {
"date": "2024-09-16T04:55:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2020:4961",
"initial_release_date": "2020-11-05T18:48:33+00:00",
"revision_history": [
{
"date": "2020-11-05T18:48:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-05T18:48:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T04:55:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHPAM 7.9.0",
"product": {
"name": "RHPAM 7.9.0",
"product_id": "RHPAM 7.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Guillaume Smet"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14900",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2019-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666499"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate: SQL injection issue in Hibernate ORM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight:\nIn RHOSP10, RHOSP13 and RHOSP14 editions of Red Hat OpenStack platform, the hibernate-jfa library shipped with OpenDaylight is contains a flaw in the processing of SQL queries. The hibernate-jha implemenation is not used in a vulnerable way in OpenDaylight, preventing the potential for SQL injection.\n\nRed Hat Satellite 6.2, 6.3 and 6.4 contains affected versions of hibernate-core in its candlepin component. However, that component does not use hibernate-core in a vulnerable way.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14900"
},
{
"category": "external",
"summary": "RHBZ#1666499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14900"
}
],
"release_date": "2020-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "There is no currently known mitigation for this flaw.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate: SQL injection issue in Hibernate ORM"
},
{
"cve": "CVE-2019-17566",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2020-06-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1848617"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Batik library, where it is vulnerable to a Server-Side Request Forgery attack (SSRF) via \"xlink:href\" attributes. This flaw allows an attacker to cause the underlying server to make arbitrary GET requests. The highest threat from this vulnerability is to system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "batik: SSRF via \"xlink:href\"",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17566"
},
{
"category": "external",
"summary": "RHBZ#1848617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17566",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17566"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17566"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "batik: SSRF via \"xlink:href\""
},
{
"cve": "CVE-2020-1748",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1807707"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1748"
},
{
"category": "external",
"summary": "RHBZ#1807707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1807707"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1748",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1748"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain"
},
{
"cve": "CVE-2020-1945",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2020-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1837444"
}
],
"notes": [
{
"category": "description",
"text": "Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ant: insecure temporary file vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of ant package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1945"
},
{
"category": "external",
"summary": "RHBZ#1837444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1837444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945"
}
],
"release_date": "2020-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "For versions 1.1 to 1.9.14 and 1.10.0 to 1.10.7, set the java.io.tmpdir system property to a private directory-- only readable and writable by the current user-- before running Ant.\n\nFor versions 1.9.15 and 1.10.8, use the Ant property ant.tmpfile instead. Ant 1.10.8 protects the temporary files if the underlying filesystem allows it, but using a private temporary directory is still recommended.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ant: insecure temporary file vulnerability"
},
{
"cve": "CVE-2020-1954",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824301"
}
],
"notes": [
{
"category": "description",
"text": "Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the \u2018createMBServerConnectorFactory\u2018 property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cxf: JMX integration is vulnerable to a MITM attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1954"
},
{
"category": "external",
"summary": "RHBZ#1824301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1954",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1954"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1954"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cxf: JMX integration is vulnerable to a MITM attack"
},
{
"cve": "CVE-2020-2875",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands in MySQL Connectors and other products.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2875"
},
{
"category": "external",
"summary": "RHBZ#1851019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2875",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2875"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"cve": "CVE-2020-2933",
"discovery_date": "2020-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection, causing a denial of service of the MySQL Connectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2933"
},
{
"category": "external",
"summary": "RHBZ#1851022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2933",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2933"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2933"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS"
},
{
"cve": "CVE-2020-2934",
"discovery_date": "2020-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1851014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mysql-connector-java package. A complicated attack against the mysql Connector/J allows attackers on the local network to interfere with a user\u0027s connection and insert unauthorized SQL commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux customers are advised to replace the mysql-connector-java package with the mariadb-java-client, available in Red Hat Software Collections. It can be installed this way:\n\n # yum-config-manager --enable rhel-server-rhscl-7-rpms\n\n # yum install rh-mariadb103-mariadb-java-client",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2934"
},
{
"category": "external",
"summary": "RHBZ#1851014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2934",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2934"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2934"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete"
},
{
"acknowledgments": [
{
"names": [
"Adith Sudhakar"
]
}
],
"cve": "CVE-2020-10683",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1694235"
}
],
"notes": [
{
"category": "description",
"text": "dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dom4j: XML External Entity vulnerability in default SAX parser",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable version of dom4j library. However it\u0027s used to parse configuration files, which are local disk resources. We\u0027ve rated this issue with a moderate impact for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10683"
},
{
"category": "external",
"summary": "RHBZ#1694235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694235"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10683"
}
],
"release_date": "2020-04-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dom4j: XML External Entity vulnerability in default SAX parser"
},
{
"acknowledgments": [
{
"names": [
"Alvaro Mu\u00f1oz"
],
"organization": "GitHub Security Labs"
}
],
"cve": "CVE-2020-10693",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-02-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1805501"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hibernate-validator: Improper input validation in the interpolation of constraint error messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "hibernate-validator is packaged with Red Hat OpenStack Platform 13.0\u0027s OpenDaylight (ODL). However, because ODL is technical preview in this version and the flaw is moderate, Red Hat will not be releasing a fix for the OpenStack package at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10693"
},
{
"category": "external",
"summary": "RHBZ#1805501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805501"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10693",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10693"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "You can pass user input as an expression variable by unwrapping the context to HibernateConstraintValidatorContext. Please refer to the https://in.relation.to/2020/05/07/hibernate-validator-615-6020-released/ and https://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_single/#_the_code_constraintvalidatorcontext_code.",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hibernate-validator: Improper input validation in the interpolation of constraint error messages"
},
{
"acknowledgments": [
{
"names": [
"Mark Banierink"
],
"organization": "Nedap"
}
],
"cve": "CVE-2020-10714",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1825714"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: session fixation when using FORM authentication",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"RHPAM 7.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10714"
},
{
"category": "external",
"summary": "RHBZ#1825714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825714"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10714",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10714"
}
],
"release_date": "2020-04-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"RHPAM 7.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4961"
},
{
"category": "workaround",
"details": "This attack is dependent on the attacker being able to create a session and the victim accessing the session before the session expires, we do have a 15 minute session timeout by default but the attacker could also keep this alive by say sending in a request every five minutes.\n\nThe server by default supports session tracking by URL and Cookie, if the web.xml is updated to support COOKIE only the exploit is not possible by sharing the link.\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eURL\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~\nTO\n~~~\n \u003csession-config\u003e\n \u003ctracking-mode\u003eCOOKIE\u003c/tracking-mode\u003e\n \u003c/session-config\u003e\n~~~",
"product_ids": [
"RHPAM 7.9.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"RHPAM 7.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: session fixation when using FORM authentication"
}
]
}
Loading...