ID

VAR-202004-0983


CVE

CVE-2020-1954


TITLE

Apache CXF Vulnerability regarding information leakage in

Trust: 0.8

sources: JVNDB: JVNDB-2020-003650

DESCRIPTION

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX. Apache CXF There is an information leakage vulnerability in.Information may be obtained. Apache CXF is an open source Web service framework of the Apache Software Foundation. The framework supports a variety of Web service standards, a variety of front-end programming API and so on. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8 Advisory ID: RHSA-2020:4245-01 Product: Red Hat JBoss Enterprise Application Platform Advisory URL: https://access.redhat.com/errata/RHSA-2020:4245 Issue date: 2020-10-13 CVE Names: CVE-2020-1954 CVE-2020-14299 CVE-2020-14338 CVE-2020-14340 ==================================================================== 1. Summary: An update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat JBoss EAP 7.3 for BaseOS-8 - noarch, x86_64 3. Description: Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.3 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.2 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.3 Release Notes for information about the most significant bug fixes and enhancements included in this release. Security Fix(es): * picketbox: JBoss EAP reload to admin-only mode allows authentication bypass (CVE-2020-14299) * wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl (CVE-2020-14338) * xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS (CVE-2020-14340) * cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications. For details about how to apply this update, see: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1824301 - CVE-2020-1954 cxf: JMX integration is vulnerable to a MITM attack 1848533 - CVE-2020-14299 picketbox: JBoss EAP reload to admin-only mode allows authentication bypass 1860054 - CVE-2020-14338 wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl 1860218 - CVE-2020-14340 xnio: file descriptor leak caused by growing amounts of NIO Selector file handles may lead to DoS 6. JIRA issues fixed (https://issues.jboss.org/): JBEAP-19379 - [GSS](7.3.z) Upgrade Hibernate ORM from 5.3.17 to 5.3.18 JBEAP-19444 - Tracker bug for the EAP 7.3.3 release for RHEL-8 JBEAP-19596 - [GSS](7.3.z) CMTOOL-277 - Migration from EAP 6.4 Update 22 to EAP 7.3 create a misspelled 'Application Realm' JBEAP-19613 - (7.3.z) ELY-1975 - Update AcmeClientSpi#obtainCertificate so that it obtains the order URL from the response to newOrder JBEAP-19615 - (7.3.z) ELY-1968 - Update error message returned by AcmeClientSpi#getLocation JBEAP-19642 - (7.3.z) Upgrade jberet-core from 1.3.5.Final to 1.3.7.Final JBEAP-19695 - [GSS](7.3.z) Upgrade Apache CXF from 3.3.5 to 3.3.7 JBEAP-19698 - [GSS](7.3.z) Upgrade Invocation from 1.5.2.Final-redhat-00001 to 1.5.3.Final... JBEAP-19700 - [GSS](7.3.z) Upgrade Migration Tool from 1.7.1-redhat-00003 to 1.7.2-redhat-00001 JBEAP-19701 - [GSS](7.3.z) Upgrade jgroups from 4.1.4.Final-redhat-00001 to 4.1.10.Final-redhat-00001 JBEAP-19715 - [GSS](7.3.z) Upgrade Artemis Native to 1.0.2 JBEAP-19746 - [GSS](7.3.z) Upgrade JBoss Log Manager from 2.1.15 to 2.1.17 JBEAP-19789 - [GSS](7.3.z) Upgrade Narayana from 5.9.8.Final to 5.9.9.Final JBEAP-19791 - [GSS](7.3.z) Upgrade HAL from 3.2.9.Final-redhat-00001 to 3.2.10.Final-redhat-00001 JBEAP-19795 - (7.3.z) Upgrade JSF based on Mojarra 2.3.9.SP11-redhat-00001 to 2.3.9.SP12-redhat-00001 JBEAP-19796 - [GSS](7.3.z) Upgrade Artemis from 2.9.0.redhat-00010 to 2.9.0.redhat-00011 JBEAP-19822 - (7.3.z) Upgrade MP fault-tolerance to 2.1.1 JBEAP-19888 - (7.3.z) Upgrade SmallRye OpenAPI to 1.1.23 JBEAP-19934 - (7.3.z) Upgrade bouncycastle to 1.65 JBEAP-19935 - (7.3.z) Upgrade commons-codec to 1.14 JBEAP-19936 - (7.3.z) Upgrade commons-lang3 from 3.9 to 3.10 JBEAP-19937 - (7.3.z) Upgrade snakeyaml to 1.26 JBEAP-19938 - (7.3.z) Upgrade velocity to 2.2 JBEAP-19939 - (7.3.z) Upgrade httpcomponents httpclient from 4.5.4 to 4.5.12 JBEAP-19940 - (7.3.z) Upgrade httpcomponents httpcore from 4.4.5 to 4.4.13 JBEAP-19942 - (7.3.z) Upgrade XNIO from 3.7.8.SP1 to 3.7.9.Final JBEAP-19955 - (7.3.z) Update xmlschema to 2.2.5 JBEAP-19965 - (7.3.z) Fix PreservePathTestCase after httpclient upgrade JBEAP-20027 - (7.3.z) Upgrade PicketLink bindings from 2.5.5.SP12-redhat-00012 to 2.5.5.SP12-redhat-00013 JBEAP-20037 - [GSS](7.3.z) Upgrade wildfly-transaction-client from 1.1.11.Final-redhat-00001 to 1.1.13.Final-redhat-00001 JBEAP-20064 - (7.3.z) Update PR template to include PR-processor hints for wildfly-core-eap JBEAP-20087 - [GSS](7.3.z) WFLY-13147 - Deployment slowdown after WFLY upgrade (DeploymentArchive handling) JBEAP-20112 - (7.3.z) Upgrade smallrye-fault-tolerance to 4.2.1 7. Package List: Red Hat JBoss EAP 7.3 for BaseOS-8: Source: eap7-activemq-artemis-2.9.0-5.redhat_00011.1.el8eap.src.rpm eap7-activemq-artemis-native-1.0.2-1.redhat_00001.1.el8eap.src.rpm eap7-apache-commons-codec-1.14.0-1.redhat_00001.1.el8eap.src.rpm eap7-apache-commons-lang-3.10.0-1.redhat_00001.1.el8eap.src.rpm eap7-apache-cxf-3.3.7-1.redhat_00001.1.el8eap.src.rpm eap7-artemis-native-1.0.2-3.redhat_1.el8eap.src.rpm eap7-bouncycastle-1.65.0-1.redhat_00001.1.el8eap.src.rpm eap7-glassfish-jsf-2.3.9-11.SP12_redhat_00001.1.el8eap.src.rpm eap7-hal-console-3.2.10-1.Final_redhat_00001.1.el8eap.src.rpm eap7-hibernate-5.3.18-1.Final_redhat_00001.1.el8eap.src.rpm eap7-httpcomponents-client-4.5.12-1.redhat_00001.1.el8eap.src.rpm eap7-httpcomponents-core-4.4.13-1.redhat_00001.1.el8eap.src.rpm eap7-jberet-1.3.7-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-invocation-1.5.3-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-logmanager-2.1.17-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jboss-server-migration-1.7.2-2.Final_redhat_00002.1.el8eap.src.rpm eap7-jboss-xnio-base-3.7.9-1.Final_redhat_00001.1.el8eap.src.rpm eap7-jgroups-4.1.10-1.Final_redhat_00001.1.el8eap.src.rpm eap7-narayana-5.9.9-1.Final_redhat_00001.1.el8eap.src.rpm eap7-picketbox-5.0.3-8.Final_redhat_00007.1.el8eap.src.rpm eap7-picketlink-bindings-2.5.5-25.SP12_redhat_00013.1.el8eap.src.rpm eap7-snakeyaml-1.26.0-1.redhat_00001.1.el8eap.src.rpm eap7-undertow-2.0.31-1.SP1_redhat_00001.1.el8eap.src.rpm eap7-velocity-2.2.0-1.redhat_00001.1.el8eap.src.rpm eap7-wildfly-7.3.3-4.GA_redhat_00004.1.el8eap.src.rpm eap7-wildfly-elytron-1.10.8-1.Final_redhat_00001.1.el8eap.src.rpm eap7-wildfly-transaction-client-1.1.13-1.Final_redhat_00001.1.el8eap.src.rpm eap7-ws-commons-XmlSchema-2.2.5-1.redhat_00001.1.el8eap.src.rpm eap7-xerces-j2-2.12.0-2.SP03_redhat_00001.1.el8eap.src.rpm noarch: eap7-activemq-artemis-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-cli-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-commons-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-core-client-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-dto-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-hornetq-protocol-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-hqclient-protocol-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-jdbc-store-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-jms-client-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-jms-server-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-journal-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-native-1.0.2-1.redhat_00001.1.el8eap.noarch.rpm eap7-activemq-artemis-ra-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-selector-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-server-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-service-extensions-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-activemq-artemis-tools-2.9.0-5.redhat_00011.1.el8eap.noarch.rpm eap7-apache-commons-codec-1.14.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-apache-commons-lang-3.10.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-apache-cxf-3.3.7-1.redhat_00001.1.el8eap.noarch.rpm eap7-apache-cxf-rt-3.3.7-1.redhat_00001.1.el8eap.noarch.rpm eap7-apache-cxf-services-3.3.7-1.redhat_00001.1.el8eap.noarch.rpm eap7-apache-cxf-tools-3.3.7-1.redhat_00001.1.el8eap.noarch.rpm eap7-bouncycastle-1.65.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-bouncycastle-mail-1.65.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-bouncycastle-pkix-1.65.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-bouncycastle-prov-1.65.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-glassfish-jsf-2.3.9-11.SP12_redhat_00001.1.el8eap.noarch.rpm eap7-hal-console-3.2.10-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-5.3.18-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-core-5.3.18-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-entitymanager-5.3.18-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-envers-5.3.18-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-hibernate-java8-5.3.18-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-httpcomponents-client-4.5.12-1.redhat_00001.1.el8eap.noarch.rpm eap7-httpcomponents-core-4.4.13-1.redhat_00001.1.el8eap.noarch.rpm eap7-jberet-1.3.7-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jberet-core-1.3.7-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-invocation-1.5.3-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-logmanager-2.1.17-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jboss-server-migration-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-cli-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-core-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap6.4-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap6.4-to-eap7.3-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.0-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.1-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.2-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.2-to-eap7.3-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-eap7.3-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly10.0-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly10.1-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly11.0-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly12.0-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly13.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly14.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly15.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly16.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly17.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly18.0-server-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly8.2-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-server-migration-wildfly9.0-1.7.2-2.Final_redhat_00002.1.el8eap.noarch.rpm eap7-jboss-xnio-base-3.7.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-jgroups-4.1.10-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-compensations-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jbosstxbridge-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jbossxts-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jts-idlj-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-jts-integration-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-api-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-bridge-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-integration-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-restat-util-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-narayana-txframework-5.9.9-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-picketbox-5.0.3-8.Final_redhat_00007.1.el8eap.noarch.rpm eap7-picketbox-infinispan-5.0.3-8.Final_redhat_00007.1.el8eap.noarch.rpm eap7-picketlink-bindings-2.5.5-25.SP12_redhat_00013.1.el8eap.noarch.rpm eap7-picketlink-wildfly8-2.5.5-25.SP12_redhat_00013.1.el8eap.noarch.rpm eap7-snakeyaml-1.26.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-undertow-2.0.31-1.SP1_redhat_00001.1.el8eap.noarch.rpm eap7-velocity-2.2.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-velocity-engine-core-2.2.0-1.redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-7.3.3-4.GA_redhat_00004.1.el8eap.noarch.rpm eap7-wildfly-elytron-1.10.8-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-elytron-tool-1.10.8-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-wildfly-javadocs-7.3.3-4.GA_redhat_00004.1.el8eap.noarch.rpm eap7-wildfly-modules-7.3.3-4.GA_redhat_00004.1.el8eap.noarch.rpm eap7-wildfly-transaction-client-1.1.13-1.Final_redhat_00001.1.el8eap.noarch.rpm eap7-ws-commons-XmlSchema-2.2.5-1.redhat_00001.1.el8eap.noarch.rpm eap7-xerces-j2-2.12.0-2.SP03_redhat_00001.1.el8eap.noarch.rpm x86_64: eap7-artemis-native-1.0.2-3.redhat_1.el8eap.x86_64.rpm eap7-artemis-native-wildfly-1.0.2-3.redhat_1.el8eap.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 8. References: https://access.redhat.com/security/cve/CVE-2020-1954 https://access.redhat.com/security/cve/CVE-2020-14299 https://access.redhat.com/security/cve/CVE-2020-14338 https://access.redhat.com/security/cve/CVE-2020-14340 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/ https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/ 9. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBX4XdnNzjgjWX9erEAQiXuw//R4g+s6n+rk7hCp48kUecgr/5ci5EP6UM 7BsPN7sPZcLyYiZZsP+/6hHbB/dkfUyL8zJMQBQHHcwjhFkI9diYjraI2/K2BTo8 Fb/JEJoCmDs88/LUUpMebq7SSulBWhtfKYwCCOGy6pCpRAka99nzFXGr1y4H1ozJ berY8tq9PVJLJyuKGyoK+06fENIV2b/Oir68lSGrTMJVQeqb9TclI1pRIZ/8iZNh OQOnXk85y81YrQTlynAlBnlMCtSNEFMBUi5b25Q30ZNxMaegYyezvlgs790hLZQA UUfjAdFsk341kK0uop93y9MnDT1qUiYNG1rJ5DBB0jzyq7zQk2GxwBYg3mhItMhi FBZ6oeePwEEq4Bxpd1vERDQQW+zCpd0jLJ4nvU1wFIQZK7eSBk6Lz4ws2XUHmuru yXCcJZWqkXzQwhYMSq3y1fVcTAl6HcWxoBuX1TU9AmZWKcUlHN9Lo6BF4fMEhXH/ UrQNC+mOnCAjJrD1sGyPlozMnZnu96fVMURTDdz4J9aN1JU1t0fb2MgD3X3VZWto ducjlQPeNTI1+elmaBxAS8A7a+UaN63QgjeCQfzjEky89Jvfv/Ra6i5R5x8LrrQf zMn1XyxOAefzehiV8SR801W8dE7D7RlF5y/TH0ciA/CIzUSNAbb4tDlGcSDPig+a PGc+57G5XO4=OgA5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Summary: This is a security update for JBoss EAP Continuous Delivery 20. Description: Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. Security Fix(es): * hibernate: SQL injection issue in Hibernate ORM (CVE-2019-14900) * batik: SSRF via "xlink:href" (CVE-2019-17566) * Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain (CVE-2020-1748) * ant: insecure temporary file vulnerability (CVE-2020-1945) * dom4j: XML External Entity vulnerability in default SAX parser (CVE-2020-10683) * hibernate-validator: Improper input validation in the interpolation of constraint error messages (CVE-2020-10693) * wildfly-elytron: session fixation when using FORM authentication (CVE-2020-10714) * cxf: JMX integration is vulnerable to a MITM attack (CVE-2020-1954) * mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2875) * mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS (CVE-2020-2933) * mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete (CVE-2020-2934) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. The References section of this erratum contains a download link (you must log in to download the update). Bugs fixed (https://bugzilla.redhat.com/): 1666499 - CVE-2019-14900 hibernate: SQL injection issue in Hibernate ORM 1694235 - CVE-2020-10683 dom4j: XML External Entity vulnerability in default SAX parser 1805501 - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages 1807707 - CVE-2020-1748 Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain 1824301 - CVE-2020-1954 cxf: JMX integration is vulnerable to a MITM attack 1825714 - CVE-2020-10714 wildfly-elytron: session fixation when using FORM authentication 1837444 - CVE-2020-1945 ant: insecure temporary file vulnerability 1848617 - CVE-2019-17566 batik: SSRF via "xlink:href" 1851014 - CVE-2020-2934 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete 1851019 - CVE-2020-2875 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delete 1851022 - CVE-2020-2933 mysql-connector-java: allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized partial DoS 5. Description: Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications

Trust: 2.43

sources: NVD: CVE-2020-1954 // JVNDB: JVNDB-2020-003650 // VULHUB: VHN-172928 // VULMON: CVE-2020-1954 // PACKETSTORM: 159539 // PACKETSTORM: 159924 // PACKETSTORM: 159538 // PACKETSTORM: 159015 // PACKETSTORM: 159921 // PACKETSTORM: 159541 // PACKETSTORM: 159899

AFFECTED PRODUCTS

vendor:oraclemodel:communications session report managerscope:lteversion:8.2.2

Trust: 1.0

vendor:apachemodel:cxfscope:ltversion:3.2.13

Trust: 1.0

vendor:oraclemodel:communications diameter signaling router idih\:scope:gteversion:8.0.0

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:gteversion:8.2.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling router idih\:scope:lteversion:8.2.2

Trust: 1.0

vendor:apachemodel:cxfscope:gteversion:3.3.0

Trust: 1.0

vendor:oraclemodel:communications element managerscope:gteversion:8.2.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:lteversion:8.2.2

Trust: 1.0

vendor:oraclemodel:communications element managerscope:lteversion:8.2.2

Trust: 1.0

vendor:oraclemodel:communications session route managerscope:lteversion:8.2.2

Trust: 1.0

vendor:oraclemodel:enterprise manager base platformscope:eqversion:13.2.1.0

Trust: 1.0

vendor:oraclemodel:communications diameter signaling routerscope:gteversion:8.0.0

Trust: 1.0

vendor:apachemodel:cxfscope:ltversion:3.3.6

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.56

Trust: 1.0

vendor:netappmodel:snapmanagerscope:eqversion: -

Trust: 1.0

vendor:oraclemodel:communications session report managerscope:gteversion:8.2.0

Trust: 1.0

vendor:netappmodel:oncommand workflow automationscope:eqversion: -

Trust: 1.0

vendor:apachemodel:cxfscope: - version: -

Trust: 0.8

vendor:hitachimodel:ops center common servicesscope:eqversion:(海外販売のみ)

Trust: 0.8

sources: JVNDB: JVNDB-2020-003650 // NVD: CVE-2020-1954

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-1954
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-003650
value: MEDIUM

Trust: 0.8

VULHUB: VHN-172928
value: LOW

Trust: 0.1

VULMON: CVE-2020-1954
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-1954
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-003650
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-172928
severity: LOW
baseScore: 2.9
vectorString: AV:A/AC:M/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 5.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-1954
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003650
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: ADJACENT NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-172928 // VULMON: CVE-2020-1954 // JVNDB: JVNDB-2020-003650 // NVD: CVE-2020-1954

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-172928 // JVNDB: JVNDB-2020-003650 // NVD: CVE-2020-1954

THREAT TYPE

remote

Trust: 0.3

sources: PACKETSTORM: 159924 // PACKETSTORM: 159015 // PACKETSTORM: 159921

TYPE

sql injection

Trust: 0.3

sources: PACKETSTORM: 159924 // PACKETSTORM: 159015 // PACKETSTORM: 159921

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-003650

PATCH

title:CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attackurl:http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2

Trust: 0.8

title:hitachi-sec-2020-125url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2020-125/index.html

Trust: 0.8

title:hitachi-sec-2020-125url:https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2020-125/index.html

Trust: 0.8

title:Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 6url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204244 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204247 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 7url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204246 - Security Advisory

Trust: 0.1

title:Red Hat: Moderate: Red Hat JBoss Enterprise Application Platform 7.3.3 security update on RHEL 8url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20204245 - Security Advisory

Trust: 0.1

title:Red Hat: Important: EAP Continuous Delivery Technical Preview Release 20 security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203585 - Security Advisory

Trust: 0.1

title:Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Ops Center Common Servicesurl:https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2020-125

Trust: 0.1

sources: VULMON: CVE-2020-1954 // JVNDB: JVNDB-2020-003650

EXTERNAL IDS

db:NVDid:CVE-2020-1954

Trust: 2.7

db:JVNDBid:JVNDB-2020-003650

Trust: 0.8

db:PACKETSTORMid:159015

Trust: 0.2

db:PACKETSTORMid:159539

Trust: 0.2

db:PACKETSTORMid:159541

Trust: 0.2

db:PACKETSTORMid:159921

Trust: 0.2

db:PACKETSTORMid:159899

Trust: 0.2

db:PACKETSTORMid:159924

Trust: 0.2

db:PACKETSTORMid:159538

Trust: 0.2

db:PACKETSTORMid:159540

Trust: 0.1

db:CNVDid:CNVD-2020-29873

Trust: 0.1

db:CNNVDid:CNNVD-202004-049

Trust: 0.1

db:VULHUBid:VHN-172928

Trust: 0.1

db:VULMONid:CVE-2020-1954

Trust: 0.1

sources: VULHUB: VHN-172928 // VULMON: CVE-2020-1954 // JVNDB: JVNDB-2020-003650 // PACKETSTORM: 159539 // PACKETSTORM: 159924 // PACKETSTORM: 159538 // PACKETSTORM: 159015 // PACKETSTORM: 159921 // PACKETSTORM: 159541 // PACKETSTORM: 159899 // NVD: CVE-2020-1954

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2020-1954

Trust: 1.5

url:https://www.oracle.com/security-alerts/cpuoct2020.html

Trust: 1.2

url:https://security.netapp.com/advisory/ntap-20220210-0001/

Trust: 1.1

url:http://cxf.apache.org/security-advisories.data/cve-2020-1954.txt.asc?version=1&modificationdate=1585730169000&api=v2

Trust: 1.1

url:https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3ccommits.cxf.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3ccommits.cxf.apache.org%3e

Trust: 1.0

url:https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3ccommits.cxf.apache.org%3e

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-1954

Trust: 0.8

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.7

url:https://bugzilla.redhat.com/):

Trust: 0.7

url:https://access.redhat.com/security/cve/cve-2020-1954

Trust: 0.7

url:https://access.redhat.com/security/team/contact/

Trust: 0.7

url:https://access.redhat.com/security/updates/classification/#moderate

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2020-14299

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-14299

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-14338

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-14338

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2020-14340

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2020-14340

Trust: 0.4

url:https://issues.jboss.org/):

Trust: 0.3

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/

Trust: 0.3

url:https://access.redhat.com/security/team/key/

Trust: 0.3

url:https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/

Trust: 0.3

url:https://access.redhat.com/articles/11258

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-10714

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14900

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-10683

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-10714

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2020-10683

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-14900

Trust: 0.3

url:https://access.redhat.com/errata/rhsa-2020:4244

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-2875

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-2934

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-2933

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17566

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-1945

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-10693

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17566

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1945

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-2875

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-2934

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-2933

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-10693

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-1748

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2020-1748

Trust: 0.2

url:http://cxf.apache.org/security-advisories.data/cve-2020-1954.txt.asc?version=1&amp;modificationdate=1585730169000&amp;api=v2

Trust: 0.1

url:https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3ccommits.cxf.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3ccommits.cxf.apache.org%3e

Trust: 0.1

url:https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3ccommits.cxf.apache.org%3e

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/200.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/178938

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4961

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.9/

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=rhpam&version=7.9.0

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4245

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-6950

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-1719

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-10172

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10740

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:3585

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product\xeap-cd&version

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10719

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1719

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10673

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10172

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-6950

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10740

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-11612

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10719

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/jboss_enterprise_application_platform_continuous_delivery/20/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-14371

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-14371

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10673

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=distributions&product=rhdm&version=7.9.0

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.9/

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4960

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4246

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2020:4931

Trust: 0.1

url:https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.4/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-14389

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10776

Trust: 0.1

url:https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.rhsso&downloadtype=securitypatches&version=7.4

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-10776

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-14389

Trust: 0.1

sources: VULHUB: VHN-172928 // VULMON: CVE-2020-1954 // JVNDB: JVNDB-2020-003650 // PACKETSTORM: 159539 // PACKETSTORM: 159924 // PACKETSTORM: 159538 // PACKETSTORM: 159015 // PACKETSTORM: 159921 // PACKETSTORM: 159541 // PACKETSTORM: 159899 // NVD: CVE-2020-1954

CREDITS

Red Hat

Trust: 0.7

sources: PACKETSTORM: 159539 // PACKETSTORM: 159924 // PACKETSTORM: 159538 // PACKETSTORM: 159015 // PACKETSTORM: 159921 // PACKETSTORM: 159541 // PACKETSTORM: 159899

SOURCES

db:VULHUBid:VHN-172928
db:VULMONid:CVE-2020-1954
db:JVNDBid:JVNDB-2020-003650
db:PACKETSTORMid:159539
db:PACKETSTORMid:159924
db:PACKETSTORMid:159538
db:PACKETSTORMid:159015
db:PACKETSTORMid:159921
db:PACKETSTORMid:159541
db:PACKETSTORMid:159899
db:NVDid:CVE-2020-1954

LAST UPDATE DATE

2024-11-24T20:36:24.777000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-172928date:2022-02-21T00:00:00
db:VULMONid:CVE-2020-1954date:2021-04-02T00:00:00
db:JVNDBid:JVNDB-2020-003650date:2020-08-24T00:00:00
db:NVDid:CVE-2020-1954date:2024-11-21T05:11:43.723

SOURCES RELEASE DATE

db:VULHUBid:VHN-172928date:2020-04-01T00:00:00
db:VULMONid:CVE-2020-1954date:2020-04-01T00:00:00
db:JVNDBid:JVNDB-2020-003650date:2020-04-22T00:00:00
db:PACKETSTORMid:159539date:2020-10-13T20:24:30
db:PACKETSTORMid:159924date:2020-11-06T15:18:46
db:PACKETSTORMid:159538date:2020-10-13T20:24:21
db:PACKETSTORMid:159015date:2020-08-31T16:22:15
db:PACKETSTORMid:159921date:2020-11-06T15:06:03
db:PACKETSTORMid:159541date:2020-10-13T20:24:49
db:PACKETSTORMid:159899date:2020-11-05T16:59:52
db:NVDid:CVE-2020-1954date:2020-04-01T21:15:14.597