CVE-2013-1624 (GCVE-0-2013-1624)
Vulnerability from cvelistv5 – Published: 2013-02-08 19:00 – Updated: 2024-08-06 15:04 – Title: n/a. Affected: Bouncy Castle Java library before 1.48 and C# library before 1.8 (per the CNA description below); the fix is to upgrade to those versions or later.
| URL | Tags |
|---|---|
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | x_refsource_MISC |
| http://openwall.com/lists/oss-security/2013/02/05/24 | mailing-list, x_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2014-0371.html | vendor-advisory, x_refsource_REDHAT |
| http://secunia.com/advisories/57719 | third-party-advisory, x_refsource_SECUNIA |
| http://secunia.com/advisories/57716 | third-party-advisory, x_refsource_SECUNIA |
| http://rhn.redhat.com/errata/RHSA-2014-0372.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.485Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"name": "RHSA-2014:0371",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "57719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57719"
},
{
"name": "57716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"name": "RHSA-2014:0371",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "57719",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57719"
},
{
"name": "57716",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"refsource": "MISC",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"name": "RHSA-2014:0371",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "57719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57719"
},
{
"name": "57716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0372",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-1624",
"datePublished": "2013-02-08T19:00:00.000Z",
"dateReserved": "2013-02-05T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:04:49.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2013-1624",
"date": "2026-05-25",
"epss": "0.00387",
"percentile": "0.59952"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAF60BAE-BA1B-49A3-B594-3B7336F602AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AFDD300D-43A1-4E72-9BB6-E3141A7B3CF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0C5F2A1-BBE1-4EC1-8324-64A8DC19DCE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"663B6F4C-1997-4651-ADA0-E061BBCA543F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"311A950B-0152-4556-B7A0-8A1D355A095D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8778B34-92B6-41F7-AA5E-55127155C6D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E1EAB5C-D9FE-4499-9FF2-D7C498A5CD38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A14408B-F008-4AFB-A3C4-E468E5D8871B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EF6CBA3-D974-4D9D-A5C6-5E8CB9C5E7D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.10:*:*:*:*:*:*:*\", 
\"matchCriteriaId\": \"02092572-B188-4A8E-9745-1E93DEA818BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FC51E9F-1B88-499C-B2D1-BC5B1427F5AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5FC15CF-FC0E-4E74-9936-546E51C86975\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"318F8819-2E27-4E5C-A62E-DBEE060AACD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01B57AD2-B600-4949-91DE-87D3EAEEE01E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63CE9915-2F36-4EE7-AEAE-7BA641ECAD1B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E263B817-CA65-40E4-8BC9-D195A0F88E16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31451E1E-4CCA-4B8B-AEB9-9C8A9918B9C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A3438ED-8462-40E5-B433-9F67ED9A9110\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3258C44-1D6E-4019-B332-80505B6B7B4C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": 
\"C0BB004D-1C69-4B39-890A-AE70D27518A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2ACBC626-EDBD-4C75-87ED-C78066670140\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C3D8290-1839-4219-87C1-1A10FF5CF835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E605FF3-E6D8-4364-B098-4265CC490AD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E257CDDF-1D45-40F6-AF90-51B455440EA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85AA3FAB-F49F-4CC1-86E4-A2BCC90EAA6E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5A8D2C13-72E2-4139-8EF6-2ABB21F6B199\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"46AFFBE0-63F9-47E0-BDE4-73E9C3A30D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD114491-F727-4B7D-91C9-C20583035273\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12303E74-5E98-4F98-A21C-11EE30B74FDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": 
\"B6F306E2-E7DE-45F9-880B-391F5BABE2C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCB1F2FE-E911-438F-8CED-A77055231E7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3AB6C8A-F2DD-42F7-B5B6-71E0EC1FCCCC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FB8EA15-253A-4A29-ACD4-FCCC217CC157\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0961397F-1859-41F9-A817-304D781BB050\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"74052375-8653-494A-A4DF-012075DE91CF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEC6A374-2903-4E0C-A1C7-664B4F61AE92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F0616EC-61CA-4BF2-B0AA-9904708F35DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03F1FC36-7F65-47F2-A79F-F5EA7D3444D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"875046E1-7001-4D2A-81C4-8F391742AE4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": 
\"40B16203-995B-4813-9D44-0BA044A6618C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34785221-CC94-4271-9D23-D5259A43AAD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B18042B7-F191-4E7A-A35A-560B80C52D62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93F59407-2608-4B0B-8EB7-9CA95C92E7F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78B80BCC-BA28-403E-B305-EA8E607B756F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E92AD60-8537-4D61-8C89-769D36B34BBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E266FA6-AB05-44BC-8DE1-B009915FFBD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8378040B-25A8-4F2A-B632-E7F91A45DFD6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35AF4B58-7361-4D12-AADA-072A60AB0104\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BFAF5C1-7823-436C-9CA3-056F0A9D51A5\"}, {\"vulnerable\": true, \"criteria\": 
\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40259337-03AB-410A-82B7-AFEB4E0C1AD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA51EA08-2375-4F1B-8C89-ED18B2C9E683\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD8F22E0-D7C8-4ADA-9312-18F07CEF4ED4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"65F5FE67-E52C-4301-A840-F91A1F5B87B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0BB97D9-EADD-47DB-9ABA-A92B43C2A522\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27F9BDF0-E59A-4FD9-B868-BF7342B98B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FF3240B-548F-45A4-BCC8-4E0534619375\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n de TLS en la biblioteca Java de Bouncy Castle antes v1.48 y biblioteca C# antes de v1.8 no tiene debidamente en cuenta los ataques de tiempo al canal lateral en la operaci\\u00f3n de comprobaci\\u00f3n de incumplimiento MAC durante el proceso de relleno del CBC malformado, lo que permite a atacantes remotos realizar ataques distintivos y de texto plano, ataques de recuperaci\\u00f3n a trav\\u00e9s de an\\u00e1lisis estad\\u00edsticode tiempo de los paquetes hechos a mano, una cuesti\\u00f3n relacionada con CVE-2013-0169.\"}]",
"id": "CVE-2013-1624",
"lastModified": "2024-11-21T01:50:01.507",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:N/C:P/I:P/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.9, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2013-02-08T19:55:01.437",
"references": "[{\"url\": \"http://openwall.com/lists/oss-security/2013/02/05/24\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0371.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0372.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/57716\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/57719\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://openwall.com/lists/oss-security/2013/02/05/24\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0371.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2014-0372.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/57716\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/57719\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2013-1624\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-02-08T19:55:01.437\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de TLS en la biblioteca Java de Bouncy Castle antes v1.48 y biblioteca C# antes de v1.8 no tiene debidamente en cuenta los ataques de tiempo al canal lateral en la operaci\u00f3n de comprobaci\u00f3n de incumplimiento MAC durante el proceso de relleno del CBC malformado, lo que permite a atacantes remotos realizar ataques distintivos y de texto plano, ataques de recuperaci\u00f3n a trav\u00e9s de an\u00e1lisis estad\u00edsticode tiempo de los paquetes hechos a mano, una cuesti\u00f3n relacionada con 
CVE-2013-0169.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"074B7733-B554-4C60-8B6C-711082FBC981\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B065EFF-5CBE-4B4E-B5ED-C97ACC17F913\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74053B79-26E8-4E5C-8BAA-623B6F8C2406\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A673F86-9038-4DDC-BC42-CDAA82E31D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BA92FF-CCD7-43A7-880B-63F749BE134A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A587B9F5-BA5F-4470-84A7-551C15143F80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF1C6753-A077-4BC1-96D6-42408D576371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9F1242D-E49C-4
9E8-B011-ACCD096BB62F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB5B1AD3-F98A-4608-92E3-03D595DC24F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B73EA3-7055-47F4-927B-DAE9CCC0790B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754ACBCB-BF5C-49C2-8608-DF0B60F75C19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6654B10A-5D16-4D13-A329-512A1D8100D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A9B4AA-4EBF-49A9-8081-68AE10D3B36D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E57C145D-44AD-4D3D-AC95-A02F4343E9F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"581016A0-9C71-4C69-BA07-DED9E58B9D20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7E76D59-7A74-44A9-9E34-F2573C7BD023\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F375FFAD-88A2-4DCE-A609-2965692483CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C001773-96B8-4CC9-9841-EBAFD4724FBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EAAD240-17C9-4804-9BDE-F13B94EC6580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF897C5D-1751-4FCE-8814-51FBECB7143B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBEF5C40-189C-4CA3-AC7E-7B06040AE984\"},{\"vulnerable\":true,\"cr
iteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C232FE64-92E6-4090-BA28-53A6EC1794EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BC9CEB4-0708-4BF2-B126-94ADC1F83870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C7FB2D4-C9FA-4B4D-9DA5-EF7262F00E44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B7DDC74-EAB2-4159-B234-6A282155D137\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9BA1059-992E-4C20-A7CE-7113BA768663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27E1FB43-1D6B-48B0-ADA1-CCE1BFF03E87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"989146A9-B308-4097-9E01-E6DE1DD7FCCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59B24C7F-ABC5-43EC-86A0-5E1985522FCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C8010C1-C565-4743-9D15-40040FB43B63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"232A9D64-5D09-4C97-A40C-AC7BCBFAC656\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DCFFFEC-C0FA-43F9-8D51-281D2687A112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19E0BE43-463C-4181-B391-BF4365B85B96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAA2A9CD-697A-448B-BC5B-1B5C62EAC8F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.35:*:*
:*:*:*:*:*\",\"matchCriteriaId\":\"557535DF-E017-4B5D-BF31-108842792600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF066A80-84B8-40FF-9A48-D72D5475DEEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD3C1714-F2BB-48E9-A853-FF72CDEB7571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC6601B4-BC40-405C-A356-73B5D95FC1FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87A2ED6F-4C17-4B4A-AE63-5B390D226A41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00F70566-2BC4-48B4-B742-D0D229023101\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5D129B6-8749-4E84-9E5D-9FE86482A270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9344203-15ED-465D-AF07-2BFF14532264\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA414847-2C01-4267-BFAC-1C54C9352BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A9D93C8-E5F8-48FC-AF3D-045A4EB36F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8D14A27-9C4A-44D0-8687-BCAEB3013FDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B00CB74-167A-4BCB-81E5-C9B47285007D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:bc-java:1.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAB6B3F-53F8-4F5E-A34C-C67EE9914EA1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastl
e:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AF4B58-7361-4D12-AADA-072A60AB0104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BFAF5C1-7823-436C-9CA3-056F0A9D51A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40259337-03AB-410A-82B7-AFEB4E0C1AD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA51EA08-2375-4F1B-8C89-ED18B2C9E683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD8F22E0-D7C8-4ADA-9312-18F07CEF4ED4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65F5FE67-E52C-4301-A840-F91A1F5B87B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0BB97D9-EADD-47DB-9ABA-A92B43C2A522\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F9BDF0-E59A-4FD9-B868-BF7342B98B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\\\#-cryptography-api:1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FF3240B-548F-45A4-BCC8-4E0534619375\"}]}]}],\"references\":[{\"url\":\"http://openwall.com/lists/oss-security/2013/02/05/24\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0371.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0372.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http:/
/secunia.com/advisories/57716\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/57719\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://openwall.com/lists/oss-security/2013/02/05/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0371.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0372.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/57716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/57719\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2020-AVI-420
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Space et Junos Space Security Director versions antérieures à 20.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2016-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2012-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
},
{
"name": "CVE-2016-3991",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2014-7826",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
},
{
"name": "CVE-2020-1648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
},
{
"name": "CVE-2016-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
},
{
"name": "CVE-2011-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2016-6662",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2009-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
},
{
"name": "CVE-2014-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2015-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2014-7825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2020-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2017-7895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-2088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
},
{
"name": "CVE-2014-9938",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
},
{
"name": "CVE-2015-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
},
{
"name": "CVE-2020-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
},
{
"name": "CVE-2010-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2016-3945",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2020-1645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2020-1640",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
},
{
"name": "CVE-2013-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"name": "CVE-2017-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
},
{
"name": "CVE-2012-5581",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2014-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
},
{
"name": "CVE-2018-1000613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
},
{
"name": "CVE-2017-12588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
},
{
"name": "CVE-2016-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"name": "CVE-2016-3990",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2018-1000021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2014-9679",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
},
{
"name": "CVE-2020-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2020-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2009-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
},
{
"name": "CVE-2016-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2020-1650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2017-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2018-5382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
},
{
"name": "CVE-2014-9584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2016-5616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
},
{
"name": "CVE-2015-1421",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
},
{
"name": "CVE-2014-9529",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
},
{
"name": "CVE-2020-1654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2015-7082",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
},
{
"name": "CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"name": "CVE-2014-8171",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
},
{
"name": "CVE-2006-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2018-11233",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4243",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2011-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2017-15298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
},
{
"name": "CVE-2014-8884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
},
{
"name": "CVE-2015-1159",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2020-1641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2013-4758",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2016-5314",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2010-2065",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2010-1411",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
},
{
"name": "CVE-2016-3632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2015-7547",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
},
{
"name": "CVE-2020-1649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2012-2113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2014-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
},
{
"name": "CVE-2018-11235",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
},
{
"name": "CVE-2016-6663",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
},
{
"name": "CVE-2018-19486",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
},
{
"name": "CVE-2015-7545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2018-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2020-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
},
{
"name": "CVE-2012-3401",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
},
{
"name": "CVE-2014-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2020-AVI-420
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Junos Space et Junos Space Security Director versions antérieures à 20.1R1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1 |
| Title | Publication Time | Tags |
|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos Space et Junos Space Security Director versions ant\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 19.1R3-EVO,19.2R2-EVO, 19.3R1-EVO, 19.3R3-EVO, 19.4R2-EVO, 19.4R2-S2-EVO, 20.1R1-EVO, 20.1R2-EVO et 20.2R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S15, 12.3X48-D100, 12.3X48-D95, 14.1X53-D140, 14.1X53-D54, 15.1R7-S6, 15.1R7-S7, 15.1X49-D200, 15.1X49-D210, 15.1X49-D230, 15.1X53-D593, 16.1R7-S7, 16.1R7-S8, 17.1R2-S11, 17.1R2-S12, 17.1R3-S2, 17.2R1-S9, 17.2R2-S8, 17.2R3-S3, 17.2R3-S4, 17.2X75-D105.19, 17.3R2-S5, 17.3R3-S6, 17.3R3-S7, 17.3R3-S8, 17.4R1-S3, 17.4R2, 17.4R2-S10, 17.4R2-S11, 17.4R2-S2, 17.4R2-S4, 17.4R2-S8, 17.4R2-S9, 17.4R3, 17.4R3-S1, 17.4R3-S2, 18.1R2, 18.1R3-S10, 18.1R3-S2, 18.1R3-S5, 18.1R3-S8, 18.1R3-S9, 18.2R1, 18.2R2, 18.2R2-S6, 18.2R2-S7, 18.2R3, 18.2R3-S3, 18.2R3-S4, 18.2R3-S5, 18.2X75-D10, 18.2X75-D13, 18.2X75-D32, 18.2X75-D33, 18.2X75-D34, 18.2X75-D40, 18.2X75-D41, 18.2X75-D411.1, 18.2X75-D420, 18.2X75-D420.18, 18.2X75-D430, 18.2X75-D50, 18.2X75-D52, 18.2X75-D52.3, 18.2X75-D52.8, 18.2X75-D53, 18.2X75-D60, 18.2X75-D60.2, 18.2X75-D65, 18.2X75-D65.1, 18.2X75-D70, 18.2X75-D70;(*1), 18.3R1-S2, 18.3R1-S7, 18.3R2, 18.3R2-S3, 18.3R2-S4, 18.3R3, 18.3R3-S1, 18.3R3-S2, 18.4R1, 18.4R1-S5, 18.4R1-S6, 18.4R1-S7, 18.4R2, 18.4R2-S4, 18.4R2-S5, 18.4R3, 18.4R3-S1, 18.4R3-S2, 18.4R3-S3(*2), 19.1R1-S4, 19.1R1-S5, 19.1R2, 19.1R2-S1, 19.1R2-S2, 19.1R3, 19.1R3-S2, 19.2R1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R2, 19.2R3, 19.3R2, 19.3R2-S2, 19.3R2-S3, 19.3R3, 19.4R1, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R2, 19.4R3, 20.1R1, 20.1R1-S1, 20.1R1-S2, 20.1R2 et 20.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1167",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1167"
},
{
"name": "CVE-2016-2324",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2324"
},
{
"name": "CVE-2013-1960",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1960"
},
{
"name": "CVE-2012-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4447"
},
{
"name": "CVE-2016-3991",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3991"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2014-7826",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7826"
},
{
"name": "CVE-2020-1648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1648"
},
{
"name": "CVE-2016-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3621"
},
{
"name": "CVE-2011-0192",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2016-6662",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6662"
},
{
"name": "CVE-2019-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0169"
},
{
"name": "CVE-2019-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11097"
},
{
"name": "CVE-2009-2347",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2347"
},
{
"name": "CVE-2014-3634",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3634"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2015-1782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1782"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2019-11132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11132"
},
{
"name": "CVE-2014-7825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7825"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2020-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1646"
},
{
"name": "CVE-2019-11086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11086"
},
{
"name": "CVE-2017-7895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7895"
},
{
"name": "CVE-2012-1173",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1173"
},
{
"name": "CVE-2012-2088",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2088"
},
{
"name": "CVE-2014-9938",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9938"
},
{
"name": "CVE-2015-1158",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
},
{
"name": "CVE-2020-1651",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1651"
},
{
"name": "CVE-2010-2067",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2067"
},
{
"name": "CVE-2019-11106",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11106"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2016-3945",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3945"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2020-1645",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1645"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2020-1640",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1640"
},
{
"name": "CVE-2013-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4244"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2020-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1643"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2015-7940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7940"
},
{
"name": "CVE-2017-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000117"
},
{
"name": "CVE-2012-5581",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5581"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2014-3690",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
},
{
"name": "CVE-2018-1000613",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000613"
},
{
"name": "CVE-2017-12588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12588"
},
{
"name": "CVE-2016-0787",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0787"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-9555",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9555"
},
{
"name": "CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"name": "CVE-2016-3990",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3990"
},
{
"name": "CVE-2019-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0168"
},
{
"name": "CVE-2018-1000021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000021"
},
{
"name": "CVE-2019-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11103"
},
{
"name": "CVE-2014-9679",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9679"
},
{
"name": "CVE-2020-1647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1647"
},
{
"name": "CVE-2019-11107",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11107"
},
{
"name": "CVE-2020-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1652"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2009-5022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5022"
},
{
"name": "CVE-2016-1835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1835"
},
{
"name": "CVE-2019-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3856"
},
{
"name": "CVE-2020-1650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1650"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2019-3863",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3863"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2019-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11110"
},
{
"name": "CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2008-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2327"
},
{
"name": "CVE-2017-9935",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9935"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2018-5382",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5382"
},
{
"name": "CVE-2014-9584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9584"
},
{
"name": "CVE-2019-11102",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11102"
},
{
"name": "CVE-2019-3862",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3862"
},
{
"name": "CVE-2019-11088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11088"
},
{
"name": "CVE-2019-11105",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11105"
},
{
"name": "CVE-2016-5616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5616"
},
{
"name": "CVE-2015-1421",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
},
{
"name": "CVE-2014-9529",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9529"
},
{
"name": "CVE-2020-1654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1654"
},
{
"name": "CVE-2013-1961",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1961"
},
{
"name": "CVE-2015-7082",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7082"
},
{
"name": "CVE-2006-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2193"
},
{
"name": "CVE-2014-8171",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8171"
},
{
"name": "CVE-2006-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2656"
},
{
"name": "CVE-2019-11101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11101"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2018-11233",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11233"
},
{
"name": "CVE-2013-4232",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4232"
},
{
"name": "CVE-2013-4243",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4243"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2011-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3200"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2017-15298",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15298"
},
{
"name": "CVE-2014-8884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
},
{
"name": "CVE-2015-1159",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2019-11131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11131"
},
{
"name": "CVE-2020-1641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1641"
},
{
"name": "CVE-2019-11090",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11090"
},
{
"name": "CVE-2013-4758",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4758"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2019-0131",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0131"
},
{
"name": "CVE-2019-11109",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11109"
},
{
"name": "CVE-2016-5314",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5314"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2010-2065",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2065"
},
{
"name": "CVE-2019-0166",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0166"
},
{
"name": "CVE-2010-1411",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
},
{
"name": "CVE-2016-3632",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3632"
},
{
"name": "CVE-2019-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3855"
},
{
"name": "CVE-2015-7547",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7547"
},
{
"name": "CVE-2020-1649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1649"
},
{
"name": "CVE-2019-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3857"
},
{
"name": "CVE-2012-4564",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4564"
},
{
"name": "CVE-2012-2113",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2113"
},
{
"name": "CVE-2019-11104",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11104"
},
{
"name": "CVE-2019-11087",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11087"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2019-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11108"
},
{
"name": "CVE-2014-3215",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3215"
},
{
"name": "CVE-2018-11235",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11235"
},
{
"name": "CVE-2016-6663",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6663"
},
{
"name": "CVE-2018-19486",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19486"
},
{
"name": "CVE-2015-7545",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7545"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2019-11100",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11100"
},
{
"name": "CVE-2018-5360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5360"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2019-0165",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0165"
},
{
"name": "CVE-2020-1644",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1644"
},
{
"name": "CVE-2019-11147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11147"
},
{
"name": "CVE-2012-3401",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3401"
},
{
"name": "CVE-2019-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0211"
},
{
"name": "CVE-2014-3683",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3683"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-420",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-07-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11038 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11038\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11024 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11024\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11026 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11026\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11027 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11027\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11035 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11035\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11023 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11025 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11034 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11034\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11033 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11033\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11032 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11032\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11036 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11036\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11031 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11031\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11030 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11030\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11037 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11037\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11028 du 08 juillet 2020",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11028\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
FKIE_CVE-2013-1624
Vulnerability from fkie_nvd - Published: 2013-02-08 19:55 - Updated: 2026-04-29 01:13
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://openwall.com/lists/oss-security/2013/02/05/24 | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2014-0371.html | ||
| cve@mitre.org | http://rhn.redhat.com/errata/RHSA-2014-0372.html | ||
| cve@mitre.org | http://secunia.com/advisories/57716 | ||
| cve@mitre.org | http://secunia.com/advisories/57719 | ||
| cve@mitre.org | http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://openwall.com/lists/oss-security/2013/02/05/24 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0371.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2014-0372.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57716 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/57719 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.isg.rhul.ac.uk/tls/TLStiming.pdf |
| Vendor | Product | Version | |
|---|---|---|---|
| bouncycastle | bc-java | 1.01 | |
| bouncycastle | bc-java | 1.02 | |
| bouncycastle | bc-java | 1.03 | |
| bouncycastle | bc-java | 1.04 | |
| bouncycastle | bc-java | 1.05 | |
| bouncycastle | bc-java | 1.06 | |
| bouncycastle | bc-java | 1.07 | |
| bouncycastle | bc-java | 1.08 | |
| bouncycastle | bc-java | 1.09 | |
| bouncycastle | bc-java | 1.10 | |
| bouncycastle | bc-java | 1.11 | |
| bouncycastle | bc-java | 1.12 | |
| bouncycastle | bc-java | 1.13 | |
| bouncycastle | bc-java | 1.14 | |
| bouncycastle | bc-java | 1.15 | |
| bouncycastle | bc-java | 1.16 | |
| bouncycastle | bc-java | 1.17 | |
| bouncycastle | bc-java | 1.18 | |
| bouncycastle | bc-java | 1.19 | |
| bouncycastle | bc-java | 1.20 | |
| bouncycastle | bc-java | 1.21 | |
| bouncycastle | bc-java | 1.22 | |
| bouncycastle | bc-java | 1.23 | |
| bouncycastle | bc-java | 1.24 | |
| bouncycastle | bc-java | 1.25 | |
| bouncycastle | bc-java | 1.26 | |
| bouncycastle | bc-java | 1.27 | |
| bouncycastle | bc-java | 1.28 | |
| bouncycastle | bc-java | 1.29 | |
| bouncycastle | bc-java | 1.30 | |
| bouncycastle | bc-java | 1.31 | |
| bouncycastle | bc-java | 1.32 | |
| bouncycastle | bc-java | 1.33 | |
| bouncycastle | bc-java | 1.34 | |
| bouncycastle | bc-java | 1.35 | |
| bouncycastle | bc-java | 1.36 | |
| bouncycastle | bc-java | 1.37 | |
| bouncycastle | bc-java | 1.38 | |
| bouncycastle | bc-java | 1.39 | |
| bouncycastle | bc-java | 1.40 | |
| bouncycastle | bc-java | 1.41 | |
| bouncycastle | bc-java | 1.42 | |
| bouncycastle | bc-java | 1.43 | |
| bouncycastle | bc-java | 1.44 | |
| bouncycastle | bc-java | 1.45 | |
| bouncycastle | bc-java | 1.46 | |
| bouncycastle | bc-java | 1.47 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 0.0 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.0 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.1 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.2 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.3 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.4 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.5 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.6.1 | |
| bouncycastle | legion-of-the-bouncy-castle-c\#-cryptography-api | 1.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "074B7733-B554-4C60-8B6C-711082FBC981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "6B065EFF-5CBE-4B4E-B5ED-C97ACC17F913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "74053B79-26E8-4E5C-8BAA-623B6F8C2406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.04:*:*:*:*:*:*:*",
"matchCriteriaId": "8A673F86-9038-4DDC-BC42-CDAA82E31D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "27BA92FF-CCD7-43A7-880B-63F749BE134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "A587B9F5-BA5F-4470-84A7-551C15143F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.07:*:*:*:*:*:*:*",
"matchCriteriaId": "CF1C6753-A077-4BC1-96D6-42408D576371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D9F1242D-E49C-49E8-B011-ACCD096BB62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.09:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5B1AD3-F98A-4608-92E3-03D595DC24F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B73EA3-7055-47F4-927B-DAE9CCC0790B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "754ACBCB-BF5C-49C2-8608-DF0B60F75C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6654B10A-5D16-4D13-A329-512A1D8100D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "33A9B4AA-4EBF-49A9-8081-68AE10D3B36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "E57C145D-44AD-4D3D-AC95-A02F4343E9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "581016A0-9C71-4C69-BA07-DED9E58B9D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E76D59-7A74-44A9-9E34-F2573C7BD023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F375FFAD-88A2-4DCE-A609-2965692483CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "5C001773-96B8-4CC9-9841-EBAFD4724FBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "2EAAD240-17C9-4804-9BDE-F13B94EC6580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AF897C5D-1751-4FCE-8814-51FBECB7143B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEF5C40-189C-4CA3-AC7E-7B06040AE984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "C232FE64-92E6-4090-BA28-53A6EC1794EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "3BC9CEB4-0708-4BF2-B126-94ADC1F83870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4C7FB2D4-C9FA-4B4D-9DA5-EF7262F00E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "3B7DDC74-EAB2-4159-B234-6A282155D137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BA1059-992E-4C20-A7CE-7113BA768663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "27E1FB43-1D6B-48B0-ADA1-CCE1BFF03E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "989146A9-B308-4097-9E01-E6DE1DD7FCCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "59B24C7F-ABC5-43EC-86A0-5E1985522FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "0C8010C1-C565-4743-9D15-40040FB43B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.31:*:*:*:*:*:*:*",
"matchCriteriaId": "232A9D64-5D09-4C97-A40C-AC7BCBFAC656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.32:*:*:*:*:*:*:*",
"matchCriteriaId": "1DCFFFEC-C0FA-43F9-8D51-281D2687A112",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.33:*:*:*:*:*:*:*",
"matchCriteriaId": "19E0BE43-463C-4181-B391-BF4365B85B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.34:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA2A9CD-697A-448B-BC5B-1B5C62EAC8F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.35:*:*:*:*:*:*:*",
"matchCriteriaId": "557535DF-E017-4B5D-BF31-108842792600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.36:*:*:*:*:*:*:*",
"matchCriteriaId": "AF066A80-84B8-40FF-9A48-D72D5475DEEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.37:*:*:*:*:*:*:*",
"matchCriteriaId": "CD3C1714-F2BB-48E9-A853-FF72CDEB7571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.38:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6601B4-BC40-405C-A356-73B5D95FC1FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.39:*:*:*:*:*:*:*",
"matchCriteriaId": "87A2ED6F-4C17-4B4A-AE63-5B390D226A41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.40:*:*:*:*:*:*:*",
"matchCriteriaId": "00F70566-2BC4-48B4-B742-D0D229023101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.41:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D129B6-8749-4E84-9E5D-9FE86482A270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.42:*:*:*:*:*:*:*",
"matchCriteriaId": "D9344203-15ED-465D-AF07-2BFF14532264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.43:*:*:*:*:*:*:*",
"matchCriteriaId": "EA414847-2C01-4267-BFAC-1C54C9352BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "6A9D93C8-E5F8-48FC-AF3D-045A4EB36F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "B8D14A27-9C4A-44D0-8687-BCAEB3013FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.46:*:*:*:*:*:*:*",
"matchCriteriaId": "6B00CB74-167A-4BCB-81E5-C9B47285007D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:bc-java:1.47:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAB6B3F-53F8-4F5E-A34C-C67EE9914EA1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "35AF4B58-7361-4D12-AADA-072A60AB0104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BFAF5C1-7823-436C-9CA3-056F0A9D51A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40259337-03AB-410A-82B7-AFEB4E0C1AD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA51EA08-2375-4F1B-8C89-ED18B2C9E683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F22E0-D7C8-4ADA-9312-18F07CEF4ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65F5FE67-E52C-4301-A840-F91A1F5B87B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BB97D9-EADD-47DB-9ABA-A92B43C2A522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27F9BDF0-E59A-4FD9-B868-BF7342B98B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF3240B-548F-45A4-BCC8-4E0534619375",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de TLS en la biblioteca Java de Bouncy Castle antes v1.48 y biblioteca C# antes de v1.8 no tiene debidamente en cuenta los ataques de tiempo al canal lateral en la operaci\u00f3n de comprobaci\u00f3n de incumplimiento MAC durante el proceso de relleno del CBC malformado, lo que permite a atacantes remotos realizar ataques distintivos y de texto plano, ataques de recuperaci\u00f3n a trav\u00e9s de an\u00e1lisis estad\u00edstico de tiempo de los paquetes hechos a mano, una cuesti\u00f3n relacionada con CVE-2013-0169."
}
],
"id": "CVE-2013-1624",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-08T19:55:01.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/57716"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/57719"
},
{
"source": "cve@mitre.org",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-8353-FGCR-XFHX
Vulnerability from github – Published: 2022-05-14 02:14 – Updated: 2022-07-08 18:59
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.bouncycastle:bcprov-jdk15on"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.48"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2013-1624"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-08T18:59:52Z",
"nvd_published_at": "2013-02-08T19:55:00Z",
"severity": "MODERATE"
},
"details": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"id": "GHSA-8353-fgcr-xfhx",
"modified": "2022-07-08T18:59:52Z",
"published": "2022-05-14T02:14:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"type": "WEB",
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/57716"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/57719"
},
{
"type": "WEB",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Improper Input Validation in Bouncy Castle"
}
GSD-2013-1624
Vulnerability from gsd - Updated: 2023-12-13 01:22
{
"GSD": {
"alias": "CVE-2013-1624",
"description": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"id": "GSD-2013-1624",
"references": [
"https://www.suse.com/security/cve/CVE-2013-1624.html",
"https://access.redhat.com/errata/RHSA-2015:1009",
"https://access.redhat.com/errata/RHSA-2014:0896",
"https://access.redhat.com/errata/RHSA-2014:0401",
"https://access.redhat.com/errata/RHSA-2014:0400",
"https://access.redhat.com/errata/RHSA-2014:0372",
"https://access.redhat.com/errata/RHSA-2014:0371"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-1624"
],
"details": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"id": "GSD-2013-1624",
"modified": "2023-12-13T01:22:20.558983Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"refsource": "MISC",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"name": "RHSA-2014:0371",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "57719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57719"
},
{
"name": "57716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0372",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,1.48)",
"affected_versions": "All versions before 1.48",
"cvss_v2": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-310",
"CWE-937"
],
"date": "2022-07-08",
"description": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.",
"fixed_versions": [
"1.48"
],
"identifier": "CVE-2013-1624",
"identifiers": [
"GHSA-8353-fgcr-xfhx",
"CVE-2013-1624"
],
"not_impacted": "All versions starting from 1.48",
"package_slug": "maven/org.bouncycastle/bcprov-jdk15on",
"pubdate": "2022-05-14",
"solution": "Upgrade to version 1.48 or above.",
"title": "Improper Input Validation in Bouncy Castle",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"http://openwall.com/lists/oss-security/2013/02/05/24",
"http://rhn.redhat.com/errata/RHSA-2014-0371.html",
"http://rhn.redhat.com/errata/RHSA-2014-0372.html",
"http://secunia.com/advisories/57716",
"http://secunia.com/advisories/57719",
"http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"https://github.com/advisories/GHSA-8353-fgcr-xfhx"
],
"uuid": "58c409c0-11b2-4d56-926c-e4cbcc94dac3"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.07:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-c\\#-cryptography-api:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-1624"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130205 Re: CVE request: TLS CBC padding timing flaw in various SSL / TLS implementations",
"refsource": "MLIST",
"tags": [],
"url": "http://openwall.com/lists/oss-security/2013/02/05/24"
},
{
"name": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"refsource": "MISC",
"tags": [],
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
},
{
"name": "57716",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0371",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "57719",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/57719"
},
{
"name": "RHSA-2014:0372",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-30T16:26Z",
"publishedDate": "2013-02-08T19:55Z"
}
}
}
RHSA-2014:0371
Vulnerability from csaf_redhat - Published: 2014-04-03 21:19 - Updated: 2026-05-14 22:17
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BPMS 6.0 (Red Hat / Red Hat Process Automation Manager) | cpe:/a:redhat:jboss_bpms:6.0 | — | Vendor Fix (fix) |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2014:0371 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://access.redhat.com/site/documentation/Red_… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=785631 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049675 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049692 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051261 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051277 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1058457 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2011-5245 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=785631 | external |
| https://www.cve.org/CVERecord?id=CVE-2011-5245 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2011-5245 | external |
| https://access.redhat.com/security/cve/CVE-2012-0818 | self |
| https://www.cve.org/CVERecord?id=CVE-2012-0818 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2012-0818 | external |
| https://access.redhat.com/security/cve/CVE-2013-1624 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-1624 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-1624 | external |
| http://www.isg.rhul.ac.uk/tls/ | external |
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | external |
| https://access.redhat.com/security/cve/CVE-2013-6468 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051261 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6468 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6468 | external |
| https://access.redhat.com/security/cve/CVE-2013-7285 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051277 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-7285 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-7285 | external |
| http://blog.diniscruz.com/2013/12/xstream-remote-… | external |
| http://xstream.codehaus.org/security.html | external |
| https://securityblog.redhat.com/2014/01/23/java-d… | external |
| https://access.redhat.com/security/cve/CVE-2014-0002 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049675 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0002 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0002 | external |
| http://camel.apache.org/security-advisories.data/… | external |
| https://access.redhat.com/security/cve/CVE-2014-0003 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049692 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0003 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0003 | external |
| http://camel.apache.org/security-advisories.data/… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss BPM Suite 6.0.1, which fixes multiple security issues,\nvarious bugs, and adds enhancements, is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss BPM Suite is a business rules management system for the\nmanagement, storage, creation, modification, and deployment of JBoss rules.\n\nThis release of Red Hat JBoss BPM Suite 6.0.1 serves as a replacement for\nRed Hat JBoss BPM Suite 6.0.0, and includes bug fixes and enhancements.\nRefer to the Red Hat JBoss BPM Suite 6.0.1 Release Notes for information on\nthe most significant of these changes. The Release Notes will be available\nat https://access.redhat.com/site/documentation/Red_Hat_JBoss_BPM_Suite/\n\nThe following security issues are fixed with this release:\n\nIt was discovered that JBoss BPM Suite allowed remote authenticated users\nto submit arbitrary Java code in MVFLEX Expression Language (MVEL) or JBoss\nRules expressions, resulting in arbitrary code execution within the\nsecurity context of the application server. Refer to the Solution section\nfor details on the fix for this issue. (CVE-2013-6468)\n\nIt was found that XStream could deserialize arbitrary user-supplied XML\ncontent, representing objects of any type. A remote attacker able to pass\nXML to XStream could use this flaw to perform a variety of attacks,\nincluding remote code execution in the context of the server running the\nXStream application. (CVE-2013-7285)\n\nIt was found that the Apache Camel XSLT component allowed XSL stylesheets\nto call external Java methods. A remote attacker able to submit messages to\na Camel route could use this flaw to perform arbitrary remote code\nexecution in the context of the Camel server process. (CVE-2014-0003)\n\nIt was found that RESTEasy was vulnerable to XML External Entity (XXE)\nattacks. If a remote attacker submitted a request containing an external\nXML entity to a RESTEasy endpoint, the entity would be resolved, allowing\nthe attacker to read files accessible to the user running the application\nserver. This flaw affected DOM (Document Object Model) Document and JAXB\n(Java Architecture for XML Binding) input. (CVE-2011-5245, CVE-2012-0818)\n\nIt was discovered that bouncycastle leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL server as a padding\noracle. (CVE-2013-1624)\n\nIt was found that the Apache Camel XSLT component would resolve entities in\nXML messages when transforming them using an XSLT route. A remote attacker\nable to submit messages to an XSLT Camel route could use this flaw to read\nfiles accessible to the user running the application server and,\npotentially, perform other more advanced XML External Entity (XXE) attacks.\n(CVE-2014-0002)\n\nThe CVE-2014-0002 and CVE-2014-0003 issues were discovered by David Jorm of\nthe Red Hat Security Response Team, and the CVE-2013-6468 issue was\ndiscovered by Marc Schoenefeld of the Red Hat Security Response Team.\n\nRed Hat would like to thank Gr\u00e9gory Draperi for independently reporting\nCVE-2013-6468.\n\nAll users of Red Hat JBoss BPM Suite 6.0.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Red Hat JBoss BPM Suite 6.0.1.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0371",
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=distributions\u0026version=6.0.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=bpm.suite\u0026downloadType=distributions\u0026version=6.0.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/Red_Hat_JBoss_BPM_Suite/",
"url": "https://access.redhat.com/site/documentation/Red_Hat_JBoss_BPM_Suite/"
},
{
"category": "external",
"summary": "785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "1049675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049675"
},
{
"category": "external",
"summary": "1049692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049692"
},
{
"category": "external",
"summary": "1051261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051261"
},
{
"category": "external",
"summary": "1051277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051277"
},
{
"category": "external",
"summary": "1058457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0371.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss BPM Suite 6.0.1 update",
"tracking": {
"current_release_date": "2026-05-14T22:17:28+00:00",
"generator": {
"date": "2026-05-14T22:17:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2014:0371",
"initial_release_date": "2014-04-03T21:19:56+00:00",
"revision_history": [
{
"date": "2014-04-03T21:19:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:32:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:17:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BPMS 6.0",
"product": {
"name": "Red Hat JBoss BPMS 6.0",
"product_id": "Red Hat JBoss BPMS 6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_bpms:6.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-5245",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2012-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "785631"
}
],
"notes": [
{
"category": "description",
"text": "The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: XML eXternal Entity (XXE) flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-5245"
},
{
"category": "external",
"summary": "RHBZ#785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-5245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5245"
}
],
"release_date": "2011-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "RESTEasy: XML eXternal Entity (XXE) flaw"
},
{
"cve": "CVE-2012-0818",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2012-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "785631"
}
],
"notes": [
{
"category": "description",
"text": "RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: XML eXternal Entity (XXE) flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0818"
},
{
"category": "external",
"summary": "RHBZ#785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0818",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0818"
}
],
"release_date": "2011-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "RESTEasy: XML eXternal Entity (XXE) flaw"
},
{
"cve": "CVE-2013-1624",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908428"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1624"
},
{
"category": "external",
"summary": "RHBZ#908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: TLS CBC padding timing attack"
},
{
"acknowledgments": [
{
"names": [
"Marc Schoenefeld"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Gr\u00e9gory Draperi"
]
}
],
"cve": "CVE-2013-6468",
"discovery_date": "2013-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051261"
}
],
"notes": [
{
"category": "description",
"text": "JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Drools: Remote Java Code Execution in MVEL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6468"
},
{
"category": "external",
"summary": "RHBZ#1051261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051261"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6468",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6468"
}
],
"release_date": "2014-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Drools: Remote Java Code Execution in MVEL"
},
{
"cve": "CVE-2013-7285",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2013-12-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051277"
}
],
"notes": [
{
"category": "description",
"text": "It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: remote code execution due to insecure XML deserialization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-7285"
},
{
"category": "external",
"summary": "RHBZ#1051277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-7285",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-7285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7285"
},
{
"category": "external",
"summary": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html",
"url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html"
},
{
"category": "external",
"summary": "http://xstream.codehaus.org/security.html",
"url": "http://xstream.codehaus.org/security.html"
},
{
"category": "external",
"summary": "https://securityblog.redhat.com/2014/01/23/java-deserialization-flaws-part-2-xml-deserialization/",
"url": "https://securityblog.redhat.com/2014/01/23/java-deserialization-flaws-part-2-xml-deserialization/"
}
],
"release_date": "2013-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "XStream: remote code execution due to insecure XML deserialization"
},
{
"acknowledgments": [
{
"names": [
"David Jorm"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2014-0002",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1049675"
}
],
"notes": [
{
"category": "description",
"text": "The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Camel: XML eXternal Entity (XXE) flaw in XSLT component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0002"
},
{
"category": "external",
"summary": "RHBZ#1049675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0002"
},
{
"category": "external",
"summary": "http://camel.apache.org/security-advisories.data/CVE-2014-0002.txt.asc",
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0002.txt.asc"
}
],
"release_date": "2014-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Camel: XML eXternal Entity (XXE) flaw in XSLT component"
},
{
"acknowledgments": [
{
"names": [
"David Jorm"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2014-0003",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1049692"
}
],
"notes": [
{
"category": "description",
"text": "The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Camel: remote code execution via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0003"
},
{
"category": "external",
"summary": "RHBZ#1049692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0003"
},
{
"category": "external",
"summary": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc",
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc"
}
],
"release_date": "2014-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:19:56+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BPM Suite are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BPMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0371"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BPMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Camel: remote code execution via XSL"
}
]
}
RHSA-2014:0372
Vulnerability from csaf_redhat - Published: 2014-04-03 21:30 - Updated: 2026-05-14 22:17
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss BRMS 6.0 (Red Hat / Red Hat Decision Manager) | cpe:/a:redhat:jboss_brms:6.0 | — | Vendor Fix (fix) |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2014:0372 | self |
| https://access.redhat.com/security/updates/classification/#important | external |
| https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms&downloadType=distributions&version=6.0.1 | external |
| https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_BRMS/ | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=785631 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049675 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049692 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051261 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051277 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2011-5245 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=785631 | external |
| https://www.cve.org/CVERecord?id=CVE-2011-5245 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2011-5245 | external |
| https://access.redhat.com/security/cve/CVE-2012-0818 | self |
| https://www.cve.org/CVERecord?id=CVE-2012-0818 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2012-0818 | external |
| https://access.redhat.com/security/cve/CVE-2013-1624 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-1624 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-1624 | external |
| http://www.isg.rhul.ac.uk/tls/ | external |
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | external |
| https://access.redhat.com/security/cve/CVE-2013-6468 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051261 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6468 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6468 | external |
| https://access.redhat.com/security/cve/CVE-2013-7285 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1051277 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-7285 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-7285 | external |
| http://blog.diniscruz.com/2013/12/xstream-remote-… | external |
| http://xstream.codehaus.org/security.html | external |
| https://securityblog.redhat.com/2014/01/23/java-deserialization-flaws-part-2-xml-deserialization/ | external |
| https://access.redhat.com/security/cve/CVE-2014-0002 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049675 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0002 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0002 | external |
| http://camel.apache.org/security-advisories.data/CVE-2014-0002.txt.asc | external |
| https://access.redhat.com/security/cve/CVE-2014-0003 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1049692 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0003 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0003 | external |
| http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss BRMS 6.0.1, which fixes multiple security issues, various\nbugs, and adds enhancements, is now available from the Red Hat Customer\nPortal.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss BRMS is a business rules management system for the\nmanagement, storage, creation, modification, and deployment of JBoss Rules.\n\nThis release of Red Hat JBoss BRMS 6.0.1 serves as a replacement for Red\nHat JBoss BRMS 6.0.0, and includes bug fixes and enhancements. Refer to the\nRed Hat JBoss BRMS 6.0.1 Release Notes for information on the most\nsignificant of these changes. The Release Notes will be available shortly\nat https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_BRMS/\n\nThe following security issues are fixed with this release:\n\nIt was discovered that JBoss BRMS allowed remote authenticated users to\nsubmit arbitrary Java code in MVFLEX Expression Language (MVEL) or JBoss\nRules expressions, resulting in arbitrary code execution within the\nsecurity context of the application server. Refer to the Solution section\nfor details on the fix for this issue. (CVE-2013-6468)\n\nIt was found that XStream could deserialize arbitrary user-supplied XML\ncontent, representing objects of any type. A remote attacker able to pass\nXML to XStream could use this flaw to perform a variety of attacks,\nincluding remote code execution in the context of the server running the\nXStream application. (CVE-2013-7285)\n\nIt was found that the Apache Camel XSLT component allowed XSL stylesheets\nto call external Java methods. A remote attacker able to submit messages to\na Camel route could use this flaw to perform arbitrary remote code\nexecution in the context of the Camel server process. (CVE-2014-0003)\n\nIt was found that RESTEasy was vulnerable to XML External Entity (XXE)\nattacks. If a remote attacker submitted a request containing an external\nXML entity to a RESTEasy endpoint, the entity would be resolved, allowing\nthe attacker to read files accessible to the user running the application\nserver. This flaw affected DOM (Document Object Model) Document and JAXB\n(Java Architecture for XML Binding) input.\n(CVE-2011-5245, CVE-2012-0818)\n\nIt was discovered that bouncycastle leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL server as a padding\noracle. (CVE-2013-1624)\n\nIt was found that the Apache Camel XSLT component would resolve entities in\nXML messages when transforming them using an XSLT route. A remote attacker\nable to submit messages to an XSLT Camel route could use this flaw to read\nfiles accessible to the user running the application server and,\npotentially, perform other more advanced XML External Entity (XXE) attacks.\n(CVE-2014-0002)\n\nThe CVE-2014-0002 and CVE-2014-0003 issues were discovered by David Jorm of\nthe Red Hat Security Response Team, and the CVE-2013-6468 issue was\ndiscovered by Marc Schoenefeld of the Red Hat Security Response Team.\n\nRed Hat would like to thank Gr\u00e9gory Draperi for independently reporting\nCVE-2013-6468.\n\nAll users of Red Hat JBoss BRMS 6.0.0 as provided from the Red Hat Customer\nPortal are advised to upgrade to Red Hat JBoss BRMS 6.0.1.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0372",
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms\u0026downloadType=distributions\u0026version=6.0.1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=brms\u0026downloadType=distributions\u0026version=6.0.1"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_BRMS/",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_BRMS/"
},
{
"category": "external",
"summary": "785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "1049675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049675"
},
{
"category": "external",
"summary": "1049692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049692"
},
{
"category": "external",
"summary": "1051261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051261"
},
{
"category": "external",
"summary": "1051277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051277"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0372.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss BRMS 6.0.1 update",
"tracking": {
"current_release_date": "2026-05-14T22:17:28+00:00",
"generator": {
"date": "2026-05-14T22:17:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2014:0372",
"initial_release_date": "2014-04-03T21:30:03+00:00",
"revision_history": [
{
"date": "2014-04-03T21:30:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:32:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:17:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BRMS 6.0",
"product": {
"name": "Red Hat JBoss BRMS 6.0",
"product_id": "Red Hat JBoss BRMS 6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_brms:6.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-5245",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2012-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "785631"
}
],
"notes": [
{
"category": "description",
"text": "The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Binding (JAXB) input, aka an XML external entity (XXE) injection attack, a similar vulnerability to CVE-2012-0818.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: XML eXternal Entity (XXE) flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-5245"
},
{
"category": "external",
"summary": "RHBZ#785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-5245",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-5245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5245"
}
],
"release_date": "2011-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "RESTEasy: XML eXternal Entity (XXE) flaw"
},
{
"cve": "CVE-2012-0818",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2012-01-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "785631"
}
],
"notes": [
{
"category": "description",
"text": "RESTEasy before 2.3.1 allows remote attackers to read arbitrary files via an external entity reference in a DOM document, aka an XML external entity (XXE) injection attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "RESTEasy: XML eXternal Entity (XXE) flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0818"
},
{
"category": "external",
"summary": "RHBZ#785631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=785631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0818",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0818"
}
],
"release_date": "2011-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "RESTEasy: XML eXternal Entity (XXE) flaw"
},
{
"cve": "CVE-2013-1624",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908428"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1624"
},
{
"category": "external",
"summary": "RHBZ#908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: TLS CBC padding timing attack"
},
{
"acknowledgments": [
{
"names": [
"Marc Schoenefeld"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Gr\u00e9gory Draperi"
]
}
],
"cve": "CVE-2013-6468",
"discovery_date": "2013-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051261"
}
],
"notes": [
{
"category": "description",
"text": "JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Drools: Remote Java Code Execution in MVEL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6468"
},
{
"category": "external",
"summary": "RHBZ#1051261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051261"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6468",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6468"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6468",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6468"
}
],
"release_date": "2014-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Drools: Remote Java Code Execution in MVEL"
},
{
"cve": "CVE-2013-7285",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2013-12-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1051277"
}
],
"notes": [
{
"category": "description",
"text": "It was found that XStream could deserialize arbitrary user-supplied XML content, representing objects of any type. A remote attacker able to pass XML to XStream could use this flaw to perform a variety of attacks, including remote code execution in the context of the server running the XStream application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "XStream: remote code execution due to insecure XML deserialization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-7285"
},
{
"category": "external",
"summary": "RHBZ#1051277",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051277"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-7285",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7285"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-7285",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-7285"
},
{
"category": "external",
"summary": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html",
"url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html"
},
{
"category": "external",
"summary": "http://xstream.codehaus.org/security.html",
"url": "http://xstream.codehaus.org/security.html"
},
{
"category": "external",
"summary": "https://securityblog.redhat.com/2014/01/23/java-deserialization-flaws-part-2-xml-deserialization/",
"url": "https://securityblog.redhat.com/2014/01/23/java-deserialization-flaws-part-2-xml-deserialization/"
}
],
"release_date": "2013-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "XStream: remote code execution due to insecure XML deserialization"
},
{
"acknowledgments": [
{
"names": [
"David Jorm"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2014-0002",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1049675"
}
],
"notes": [
{
"category": "description",
"text": "The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Camel: XML eXternal Entity (XXE) flaw in XSLT component",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0002"
},
{
"category": "external",
"summary": "RHBZ#1049675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0002"
},
{
"category": "external",
"summary": "http://camel.apache.org/security-advisories.data/CVE-2014-0002.txt.asc",
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0002.txt.asc"
}
],
"release_date": "2014-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Camel: XML eXternal Entity (XXE) flaw in XSLT component"
},
{
"acknowledgments": [
{
"names": [
"David Jorm"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2014-0003",
"discovery_date": "2014-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1049692"
}
],
"notes": [
{
"category": "description",
"text": "The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Camel: remote code execution via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 6.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0003"
},
{
"category": "external",
"summary": "RHBZ#1049692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049692"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0003"
},
{
"category": "external",
"summary": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc",
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc"
}
],
"release_date": "2014-02-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-03T21:30:03+00:00",
"details": "The References section of this erratum contains download links (you must\nlog in to download the updates). Before applying the update, back up your\nexisting installation, including all applications, configuration files,\ndatabases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application\nServer process before installing this update, and then after installing the\nupdate, restart the server by starting the JBoss Application Server process.\n\nThe fix for CVE-2013-6468 enables the Java Security Manager (JSM) to\nsandbox the evaluation of MVEL expressions. This introduces performance\ndegradation in high load environments. The following ways of running Red\nHat JBoss BRMS are considered secure while mitigating performance\ndegradation:\n\n1. In high load environments where performance is critical, it is\nrecommended to only deploy applications that have been developed on other\nsystems and properly reviewed. It is also recommended not to create any\nusers with the Analyst role on such systems. If these safeguards are\nfollowed, it is safe to leave JSM disabled on these systems so it does not\nintroduce any performance degradation.\n\n2. In testing and development environments without high loads, or in\nenvironments where rule authoring is exposed to external networks, it is\nrecommended to have JSM enabled in order to achieve security benefits of\nproperly sandboxed evaluation of MVEL expressions.\n\nAllowing users with the Analyst role to log in to the Business Central\nconsole when JSM is disabled is not secure and not recommended.",
"product_ids": [
"Red Hat JBoss BRMS 6.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0372"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss BRMS 6.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Camel: remote code execution via XSL"
}
]
}
RHSA-2014:0400
Vulnerability from csaf_redhat - Published: 2014-04-14 13:46 - Updated: 2026-05-14 22:17
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJNI writes them and when they are executed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat and JBoss Web, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Fuse 6.1 (Red Hat / Fuse Enterprise Middleware) | cpe:/a:redhat:jboss_fuse:6.1.0 | — | Vendor Fix (fix) |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2014:0400 | self |
| https://access.redhat.com/security/updates/classification/#moderate | external |
| https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse&downloadType=distributions&version=6.1.0 | external |
| https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_Fuse/ | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=958618 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=999263 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1000186 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1001326 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1039783 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1045257 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1053290 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1062337 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1067265 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075296 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075328 | external |
| https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0400.json | self |
| https://access.redhat.com/security/cve/CVE-2013-1624 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-1624 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-1624 | external |
| http://www.isg.rhul.ac.uk/tls/ | external |
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | external |
| https://access.redhat.com/security/cve/CVE-2013-2035 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=958618 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-2035 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-2035 | external |
| https://access.redhat.com/security/cve/CVE-2013-2172 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=999263 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-2172 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-2172 | external |
| http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc | external |
| https://access.redhat.com/security/cve/CVE-2013-2192 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1001326 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-2192 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-2192 | external |
| https://access.redhat.com/security/cve/CVE-2013-4152 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1000186 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-4152 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-4152 | external |
| http://www.gopivotal.com/security/cve-2013-4152 | external |
| https://github.com/SpringSource/spring-framework/pull/317 | external |
| https://jira.springsource.org/browse/SPR-10806 | external |
| https://access.redhat.com/security/cve/CVE-2013-4517 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1045257 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-4517 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-4517 | external |
| https://access.redhat.com/security/cve/CVE-2013-6429 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1053290 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6429 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6429 | external |
| http://www.gopivotal.com/security/cve-2013-6429 | external |
| https://access.redhat.com/security/cve/CVE-2013-6430 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1039783 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6430 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6430 | external |
| http://www.gopivotal.com/security/cve-2013-6430 | external |
| https://access.redhat.com/security/cve/CVE-2014-0050 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1062337 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0050 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0050 | external |
| https://access.redhat.com/security/cve/CVE-2014-0054 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075328 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0054 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0054 | external |
| http://www.gopivotal.com/security/cve-2014-0054 | external |
| https://access.redhat.com/security/cve/CVE-2014-1904 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075296 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-1904 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-1904 | external |
| http://www.gopivotal.com/security/cve-2014-1904 | external |
| https://access.redhat.com/security/cve/CVE-2014-3584 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1157330 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-3584 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-3584 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Fuse 6.1.0, which fixes multiple security issues, several\nbugs, and adds various enhancements, is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nRed Hat JBoss Fuse 6.1.0 is a minor product release that updates Red Hat\nJBoss Fuse 6.0.0, and includes several bug fixes and enhancements. Refer to\nthe Release Notes document, available from the link in the References\nsection, for a list of changes.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint,\nflexible, open source enterprise service bus and integration platform.\n\nSecurity fixes:\n\nA flaw was found in the way Apache Santuario XML Security for Java\nvalidated XML signatures. Santuario allowed a signature to specify an\narbitrary canonicalization algorithm, which would be applied to the\nSignedInfo XML fragment. A remote attacker could exploit this to spoof an\nXML signature via a specially crafted XML signature block. (CVE-2013-2172)\n\nA flaw was found in the Apache Hadoop RPC protocol. A man-in-the-middle\nattacker could possibly use this flaw to unilaterally disable bidirectional\nauthentication between a client and a server, forcing a downgrade to simple\n(unidirectional) authentication. This flaw only affected users who have\nenabled Hadoop\u0027s Kerberos security features. (CVE-2013-2192)\n\nIt was discovered that the Spring OXM wrapper did not expose any property\nfor disabling entity resolution when using the JAXB unmarshaller. A remote\nattacker could use this flaw to conduct XML External Entity (XXE) attacks\non web sites, and read files in the context of the user running the\napplication server. (CVE-2013-4152)\n\nIt was discovered that the Apache Santuario XML Security for Java project\nallowed Document Type Definitions (DTDs) to be processed when applying\nTransforms even when secure validation was enabled. A remote attacker could\nuse this flaw to exhaust all available memory on the system, causing a\ndenial of service. (CVE-2013-4517)\n\nIt was found that the Spring MVC SourceHttpMessageConverter enabled entity\nresolution by default. A remote attacker could use this flaw to conduct XXE\nattacks on web sites, and read files in the context of the user running the\napplication server. (CVE-2013-6429)\n\nThe Spring JavaScript escape method insufficiently escaped some characters.\nApplications using this method to escape user-supplied content, which would\nbe rendered in HTML5 documents, could be exposed to cross-site scripting\n(XSS) flaws. (CVE-2013-6430)\n\nA denial of service flaw was found in the way Apache Commons FileUpload\nhandled small-sized buffers used by MultipartStream. A remote attacker\ncould use this flaw to create a malformed Content-Type header for a\nmultipart request, causing Apache Commons FileUpload to enter an infinite\nloop when processing such an incoming request. (CVE-2014-0050)\n\nIt was found that fixes for the CVE-2013-4152 and CVE-2013-6429 XXE issues\nin Spring were incomplete. Spring MVC processed user-provided XML and\nneither disabled XML external entities nor provided an option to disable\nthem, possibly allowing a remote attacker to conduct XXE attacks.\n(CVE-2014-0054)\n\nA cross-site scripting (XSS) flaw was found in the Spring Framework when\nusing Spring MVC. When the action was not specified in a Spring form, the\naction field would be populated with the requested URI, allowing an\nattacker to inject malicious content into the form. (CVE-2014-1904)\n\nThe HawtJNI Library class wrote native libraries to a predictable file name\nin /tmp when the native libraries were bundled in a JAR file, and no custom\nlibrary path was specified. A local attacker could overwrite these native\nlibraries with malicious versions during the window between when HawtJNI\nwrites them and when they are executed. (CVE-2013-2035)\n\nAn information disclosure flaw was found in the way Apache Zookeeper stored\nthe password of an administrative user in the log files. A local user with\naccess to these log files could use the exposed sensitive information to\ngain administrative access to an application using Apache Zookeeper.\n(CVE-2014-0085)\n\nThe CVE-2013-6430 issue was discovered by Jon Passki of Coverity SRL and\nArun Neelicattu of the Red Hat Security Response Team, the CVE-2013-2035\nissue was discovered by Florian Weimer of the Red Hat Product Security\nTeam, and the CVE-2014-0085 issue was discovered by Graeme Colman of\nRed Hat.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0400",
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=6.1.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=distributions\u0026version=6.1.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_Fuse/",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_Fuse/"
},
{
"category": "external",
"summary": "958618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618"
},
{
"category": "external",
"summary": "999263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263"
},
{
"category": "external",
"summary": "1000186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186"
},
{
"category": "external",
"summary": "1001326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326"
},
{
"category": "external",
"summary": "1039783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783"
},
{
"category": "external",
"summary": "1045257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045257"
},
{
"category": "external",
"summary": "1053290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290"
},
{
"category": "external",
"summary": "1062337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337"
},
{
"category": "external",
"summary": "1067265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067265"
},
{
"category": "external",
"summary": "1075296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296"
},
{
"category": "external",
"summary": "1075328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0400.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Fuse 6.1.0 update",
"tracking": {
"current_release_date": "2026-05-14T22:17:12+00:00",
"generator": {
"date": "2026-05-14T22:17:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2014:0400",
"initial_release_date": "2014-04-14T13:46:50+00:00",
"revision_history": [
{
"date": "2014-04-14T13:46:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2014-04-14T14:27:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T22:17:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Fuse 6.1",
"product": {
"name": "Red Hat JBoss Fuse 6.1",
"product_id": "Red Hat JBoss Fuse 6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:6.1.0"
}
}
}
],
"category": "product_family",
"name": "Fuse Enterprise Middleware"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1624",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908428"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1624"
},
{
"category": "external",
"summary": "RHBZ#908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: TLS CBC padding timing attack"
},
{
"acknowledgments": [
{
"names": [
"Florian Weimer"
],
"organization": "Red Hat Product Security Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2013-2035",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2013-04-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "958618"
}
],
"notes": [
{
"category": "description",
"text": "The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJNI writes them and when they are executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HawtJNI: predictable temporary file name leading to local arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2035"
},
{
"category": "external",
"summary": "RHBZ#958618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2035",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035"
}
],
"release_date": "2013-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "HawtJNI: predictable temporary file name leading to local arbitrary code execution"
},
{
"cve": "CVE-2013-2172",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"discovery_date": "2013-08-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "999263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way Apache Santuario XML Security for Java validated XML signatures. Santuario allowed a signature to specify an arbitrary canonicalization algorithm, which would be applied to the SignedInfo XML fragment. A remote attacker could exploit this to spoof an XML signature via a specially crafted XML signature block.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java: XML signature spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2172"
},
{
"category": "external",
"summary": "RHBZ#999263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=999263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2172",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2172"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2172"
},
{
"category": "external",
"summary": "http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc",
"url": "http://santuario.apache.org/secadv.data/CVE-2013-2172.txt.asc"
}
],
"release_date": "2013-06-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java: XML signature spoofing"
},
{
"cve": "CVE-2013-2192",
"discovery_date": "2013-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1001326"
}
],
"notes": [
{
"category": "description",
"text": "The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hadoop: man-in-the-middle vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2192"
},
{
"category": "external",
"summary": "RHBZ#1001326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2192",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192"
}
],
"release_date": "2013-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hadoop: man-in-the-middle vulnerability"
},
{
"cve": "CVE-2013-4152",
"discovery_date": "2013-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000186"
}
],
"notes": [
{
"category": "description",
"text": "The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: XML External Entity (XXE) injection flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4152"
},
{
"category": "external",
"summary": "RHBZ#1000186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4152",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-4152",
"url": "http://www.gopivotal.com/security/cve-2013-4152"
},
{
"category": "external",
"summary": "https://github.com/SpringSource/spring-framework/pull/317",
"url": "https://github.com/SpringSource/spring-framework/pull/317"
},
{
"category": "external",
"summary": "https://jira.springsource.org/browse/SPR-10806",
"url": "https://jira.springsource.org/browse/SPR-10806"
}
],
"release_date": "2013-08-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: XML External Entity (XXE) injection flaw"
},
{
"cve": "CVE-2013-4517",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2013-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1045257"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Apache Santuario XML Security for Java project allowed Document Type Definitions (DTDs) to be processed when applying Transforms even when secure validation was enabled. A remote attacker could use this flaw to exhaust all available memory on the system, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Java: Java XML Signature DoS Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Fuse ESB 4, Fuse Message Broker 5.2, 5.3, 5.4, Fuse Mediation Router 2.7, 2.8 and Fuse Services Framework 2.3, 2.4 are now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/\n\nFuse ESB Enterprise is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/\n\nRed Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 4; Red Hat JBoss Enterprise Data Services Platform 5; Red Hat JBoss Enterprise Portal Platform 4 and 5; and Red Hat JBoss Enterprise SOA Platform 4 and 5 are now in Phase 3, Extended Life Support, of their respective life cycles. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat JBoss Middleware and Red Hat JBoss Operations Network Product Update and Support Policy: https://access.redhat.com/support/policy/updates/jboss_notes/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4517"
},
{
"category": "external",
"summary": "RHBZ#1045257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1045257"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4517"
}
],
"release_date": "2013-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Java: Java XML Signature DoS Attack"
},
{
"cve": "CVE-2013-6429",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053290"
}
],
"notes": [
{
"category": "description",
"text": "The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: XML External Entity (XXE) injection flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6429"
},
{
"category": "external",
"summary": "RHBZ#1053290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-6429",
"url": "http://www.gopivotal.com/security/cve-2013-6429"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: XML External Entity (XXE) injection flaw"
},
{
"acknowledgments": [
{
"names": [
"Jon Passki"
],
"organization": "Coverity SRL"
},
{
"names": [
"Arun Neelicattu"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2013-6430",
"discovery_date": "2013-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1039783"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6430"
},
{
"category": "external",
"summary": "RHBZ#1039783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6430"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-6430",
"url": "http://www.gopivotal.com/security/cve-2013-6430"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters"
},
{
"cve": "CVE-2014-0050",
"discovery_date": "2014-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1062337"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat and JBoss Web, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0050"
},
{
"category": "external",
"summary": "RHBZ#1062337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0050"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050"
}
],
"release_date": "2014-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream"
},
{
"cve": "CVE-2014-0054",
"discovery_date": "2014-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1075328"
}
],
"notes": [
{
"category": "description",
"text": "The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle; as such, this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle page: https://access.redhat.com/site/support/policy/updates/openshift",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0054"
},
{
"category": "external",
"summary": "RHBZ#1075328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0054"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2014-0054",
"url": "http://www.gopivotal.com/security/cve-2014-0054"
}
],
"release_date": "2014-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429"
},
{
"cve": "CVE-2014-1904",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2014-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1075296"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: cross-site scripting flaw when using Spring MVC",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle; as such, this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle page: https://access.redhat.com/site/support/policy/updates/openshift\n\nFuse ESB Enterprise is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1904"
},
{
"category": "external",
"summary": "RHBZ#1075296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1904",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2014-1904",
"url": "http://www.gopivotal.com/security/cve-2014-1904"
}
],
"release_date": "2014-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: cross-site scripting flaw when using Spring MVC"
},
{
"cve": "CVE-2014-3584",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2014-10-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1157330"
}
],
"notes": [
{
"category": "description",
"text": "The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: Denial of Service (DoS) via invalid JAX-RS SAML tokens",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect Apache CXF as shipped with Red Hat JBoss Enterprise Application Platform 5 and 6; Red Hat JBoss Enterprise Web Platform 5; Red Hat JBoss SOA Platform 5; Red Hat JBoss Fuse Service Works 6; Red Hat JBoss BRMS 5 and 6; Red Hat JBoss BPM Suite 6; Red Hat JBoss Data Virtualization 6; Red Hat JBoss Operations Network 3 and Red Hat JBoss Portal Platform 6 as the REST Web Services endpoints are not available.\n\nFuse ESB Enterprise 7 is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Fuse 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-3584"
},
{
"category": "external",
"summary": "RHBZ#1157330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1157330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-3584",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3584"
}
],
"release_date": "2014-10-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:50+00:00",
"details": "All users of Red Hat JBoss Fuse 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss Fuse 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0400"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Fuse 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: Denial of Service (DoS) via invalid JAX-RS SAML tokens"
}
]
}
RHSA-2014:0401
Vulnerability from csaf_redhat - Published: 2014-04-14 13:46 - Updated: 2026-05-14 15:30

It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol-encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJNI writes them and when they are executed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat and JBoss Web, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss A-MQ 6.1 (Red Hat / Red Hat JBoss AMQ) | cpe:/a:redhat:jboss_amq:6.1.0 | — | Vendor Fix (fix) |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2014:0401 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://access.redhat.com/site/documentation/en-U… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=958618 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1000186 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1001326 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1039783 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1053290 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1062337 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1067265 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075296 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075328 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2013-1624 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-1624 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-1624 | external |
| http://www.isg.rhul.ac.uk/tls/ | external |
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | external |
| https://access.redhat.com/security/cve/CVE-2013-2035 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=958618 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-2035 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-2035 | external |
| https://access.redhat.com/security/cve/CVE-2013-2192 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1001326 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-2192 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-2192 | external |
| https://access.redhat.com/security/cve/CVE-2013-4152 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1000186 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-4152 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-4152 | external |
| http://www.gopivotal.com/security/cve-2013-4152 | external |
| https://github.com/SpringSource/spring-framework/pull/317 | external |
| https://jira.springsource.org/browse/SPR-10806 | external |
| https://access.redhat.com/security/cve/CVE-2013-6429 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1053290 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6429 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6429 | external |
| http://www.gopivotal.com/security/cve-2013-6429 | external |
| https://access.redhat.com/security/cve/CVE-2013-6430 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1039783 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-6430 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-6430 | external |
| http://www.gopivotal.com/security/cve-2013-6430 | external |
| https://access.redhat.com/security/cve/CVE-2014-0050 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1062337 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0050 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0050 | external |
| https://access.redhat.com/security/cve/CVE-2014-0054 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075328 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-0054 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-0054 | external |
| http://www.gopivotal.com/security/cve-2014-0054 | external |
| https://access.redhat.com/security/cve/CVE-2014-1904 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1075296 | external |
| https://www.cve.org/CVERecord?id=CVE-2014-1904 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2014-1904 | external |
| http://www.gopivotal.com/security/cve-2014-1904 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss A-MQ 6.1.0, which fixes multiple security issues, several\nbugs, and adds various enhancements, is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant\nmessaging system that is tailored for use in mission critical applications.\n\nRed Hat JBoss A-MQ 6.1.0 is a minor product release that updates Red Hat\nJBoss A-MQ 6.0.0 and includes several bug fixes and enhancements. Refer to\nthe Release Notes document, available from the link in the References\nsection, for a list of changes.\n\nThe following security issues are resolved with this update:\n\nA flaw was found in the Apache Hadoop RPC protocol. A man-in-the-middle\nattacker could possibly use this flaw to unilaterally disable bidirectional\nauthentication between a client and a server, forcing a downgrade to simple\n(unidirectional) authentication. This flaw only affected users who have\nenabled Hadoop\u0027s Kerberos security features. (CVE-2013-2192)\n\nIt was discovered that the Spring OXM wrapper did not expose any property\nfor disabling entity resolution when using the JAXB unmarshaller. A remote\nattacker could use this flaw to conduct XML External Entity (XXE) attacks\non web sites, and read files in the context of the user running the\napplication server. The patch for this flaw disables external entity\nprocessing by default, and provides a configuration directive to re-enable\nit. (CVE-2013-4152)\n\nIt was found that the Spring MVC SourceHttpMessageConverter enabled entity\nresolution by default. A remote attacker could use this flaw to conduct XXE\nattacks on web sites, and read files in the context of the user running the\napplication server. The patch for this flaw disables external entity\nprocessing by default, and introduces a property to re-enable it.\n(CVE-2013-6429)\n\nThe Spring JavaScript escape method insufficiently escaped some characters.\nApplications using this method to escape user-supplied content, which would\nbe rendered in HTML5 documents, could be exposed to cross-site scripting\n(XSS) flaws. (CVE-2013-6430)\n\nA denial of service flaw was found in the way Apache Commons FileUpload\nhandled small-sized buffers used by MultipartStream. A remote attacker\ncould use this flaw to create a malformed Content-Type header for a\nmultipart request, causing Apache Commons FileUpload to enter an infinite\nloop when processing such an incoming request. (CVE-2014-0050)\n\nIt was found that fixes for the CVE-2013-4152 and CVE-2013-6429 XXE issues\nin Spring were incomplete. Spring MVC processed user-provided XML and\nneither disabled XML external entities nor provided an option to disable\nthem, possibly allowing a remote attacker to conduct XXE attacks.\n(CVE-2014-0054)\n\nA cross-site scripting (XSS) flaw was found in the Spring Framework when\nusing Spring MVC. When the action was not specified in a Spring form, the\naction field would be populated with the requested URI, allowing an\nattacker to inject malicious content into the form. (CVE-2014-1904)\n\nThe HawtJNI Library class wrote native libraries to a predictable file name\nin /tmp when the native libraries were bundled in a JAR file, and no custom\nlibrary path was specified. A local attacker could overwrite these native\nlibraries with malicious versions during the window between when HawtJNI\nwrites them and when they are executed. (CVE-2013-2035)\n\nAn information disclosure flaw was found in the way Apache Zookeeper stored\nthe password of an administrative user in the log files. A local user with\naccess to these log files could use the exposed sensitive information to\ngain administrative access to an application using Apache Zookeeper.\n(CVE-2014-0085)\n\nThe CVE-2013-6430 issue was discovered by Jon Passki of Coverity SRL and\nArun Neelicattu of the Red Hat Security Response Team, the CVE-2013-2035\nissue was discovered by Florian Weimer of the Red Hat Product Security\nTeam, and the CVE-2014-0085 issue was discovered by Graeme Colman of\nRed Hat.\n\nAll users of Red Hat JBoss A-MQ 6.0.0 as provided from the Red Hat Customer\nPortal are advised to apply this update.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0401",
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq\u0026downloadType=distributions\u0026version=6.1.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.amq\u0026downloadType=distributions\u0026version=6.1.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_A-MQ/",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_A-MQ/"
},
{
"category": "external",
"summary": "958618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618"
},
{
"category": "external",
"summary": "1000186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186"
},
{
"category": "external",
"summary": "1001326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326"
},
{
"category": "external",
"summary": "1039783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783"
},
{
"category": "external",
"summary": "1053290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290"
},
{
"category": "external",
"summary": "1062337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337"
},
{
"category": "external",
"summary": "1067265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067265"
},
{
"category": "external",
"summary": "1075296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296"
},
{
"category": "external",
"summary": "1075328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0401.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss A-MQ 6.1.0 update",
"tracking": {
"current_release_date": "2026-05-14T15:30:56+00:00",
"generator": {
"date": "2026-05-14T15:30:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2014:0401",
"initial_release_date": "2014-04-14T13:46:41+00:00",
"revision_history": [
{
"date": "2014-04-14T13:46:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-02-20T12:33:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T15:30:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss A-MQ 6.1",
"product": {
"name": "Red Hat JBoss A-MQ 6.1",
"product_id": "Red Hat JBoss A-MQ 6.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_amq:6.1.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss AMQ"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1624",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908428"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1624"
},
{
"category": "external",
"summary": "RHBZ#908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: TLS CBC padding timing attack"
},
{
"acknowledgments": [
{
"names": [
"Florian Weimer"
],
"organization": "Red Hat Product Security Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2013-2035",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2013-04-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "958618"
}
],
"notes": [
{
"category": "description",
"text": "The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJNI writes them and when they are executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HawtJNI: predictable temporary file name leading to local arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2035"
},
{
"category": "external",
"summary": "RHBZ#958618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=958618"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2035",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2035"
}
],
"release_date": "2013-05-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "HawtJNI: predictable temporary file name leading to local arbitrary code execution"
},
{
"cve": "CVE-2013-2192",
"discovery_date": "2013-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1001326"
}
],
"notes": [
{
"category": "description",
"text": "The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade to simple authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hadoop: man-in-the-middle vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2192"
},
{
"category": "external",
"summary": "RHBZ#1001326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1001326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2192",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2192"
}
],
"release_date": "2013-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "hadoop: man-in-the-middle vulnerability"
},
{
"cve": "CVE-2013-4152",
"discovery_date": "2013-08-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000186"
}
],
"notes": [
{
"category": "description",
"text": "The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: XML External Entity (XXE) injection flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4152"
},
{
"category": "external",
"summary": "RHBZ#1000186",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000186"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4152",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4152"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-4152",
"url": "http://www.gopivotal.com/security/cve-2013-4152"
},
{
"category": "external",
"summary": "https://github.com/SpringSource/spring-framework/pull/317",
"url": "https://github.com/SpringSource/spring-framework/pull/317"
},
{
"category": "external",
"summary": "https://jira.springsource.org/browse/SPR-10806",
"url": "https://jira.springsource.org/browse/SPR-10806"
}
],
"release_date": "2013-08-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: XML External Entity (XXE) injection flaw"
},
{
"cve": "CVE-2013-6429",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2014-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1053290"
}
],
"notes": [
{
"category": "description",
"text": "The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: XML External Entity (XXE) injection flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6429"
},
{
"category": "external",
"summary": "RHBZ#1053290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6429",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6429"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-6429",
"url": "http://www.gopivotal.com/security/cve-2013-6429"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: XML External Entity (XXE) injection flaw"
},
{
"acknowledgments": [
{
"names": [
"Jon Passki"
],
"organization": "Coverity SRL"
},
{
"names": [
"Arun Neelicattu"
],
"organization": "Red Hat Security Response Team",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2013-6430",
"discovery_date": "2013-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1039783"
}
],
"notes": [
{
"category": "description",
"text": "The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-6430"
},
{
"category": "external",
"summary": "RHBZ#1039783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-6430",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6430"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6430"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2013-6430",
"url": "http://www.gopivotal.com/security/cve-2013-6430"
}
],
"release_date": "2014-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters"
},
{
"cve": "CVE-2014-0050",
"discovery_date": "2014-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1062337"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw was found in the way Apache Commons FileUpload, which is embedded in Tomcat and JBoss Web, handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing Tomcat to enter an infinite loop when processing such an incoming request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0050"
},
{
"category": "external",
"summary": "RHBZ#1062337",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062337"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0050"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0050"
}
],
"release_date": "2014-02-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream"
},
{
"cve": "CVE-2014-0054",
"discovery_date": "2014-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1075328"
}
],
"notes": [
{
"category": "description",
"text": "The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle, as such this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle: https://access.redhat.com/site/support/policy/updates/openshift page.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-0054"
},
{
"category": "external",
"summary": "RHBZ#1075328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-0054",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0054"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0054"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2014-0054",
"url": "http://www.gopivotal.com/security/cve-2014-0054"
}
],
"release_date": "2014-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429"
},
{
"cve": "CVE-2014-1904",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2014-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1075296"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Framework: cross-site scripting flaw when using Spring MVC",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Security Response Team has rated this issue as having Moderate security impact. OpenShift Enterprise 1 is currently in the Production 1 phase of its lifecycle, as such this issue is not currently planned to be addressed in future updates. For additional information, refer to the Satellite Life Cycle: https://access.redhat.com/site/support/policy/updates/openshift page.\n\nFuse ESB Enterprise is now in Maintenance Support phase receiving only qualified Important and Critical impact security fixes. This issue has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Fuse Product Life Cycle: https://access.redhat.com/support/policy/updates/fusesource/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss A-MQ 6.1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2014-1904"
},
{
"category": "external",
"summary": "RHBZ#1075296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1075296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2014-1904",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1904"
},
{
"category": "external",
"summary": "http://www.gopivotal.com/security/cve-2014-1904",
"url": "http://www.gopivotal.com/security/cve-2014-1904"
}
],
"release_date": "2014-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-04-14T13:46:41+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update).",
"product_ids": [
"Red Hat JBoss A-MQ 6.1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0401"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss A-MQ 6.1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Framework: cross-site scripting flaw when using Spring MVC"
}
]
}
RHSA-2014:0896
Vulnerability from csaf_redhat - Published: 2014-07-16 17:12 - Updated: 2026-01-28 22:54

It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Web Framework Kit 2.6 (Red Hat / Red Hat JBoss Web Framework Kit) | cpe:/a:redhat:jboss_enterprise_web_framework:2.6.0 | — | Vendor Fix (fix) |
It was found that Mojarra JavaServer Faces did not properly escape user-supplied content in certain circumstances. Contents of outputText tags and raw EL expressions that immediately follow script or style elements were not escaped. A remote attacker could use a specially crafted URL to execute arbitrary web script in the user's browser.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat JBoss Web Framework Kit 2.6 (Red Hat / Red Hat JBoss Web Framework Kit) | cpe:/a:redhat:jboss_enterprise_web_framework:2.6.0 | — | Vendor Fix (fix) |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2014:0896 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://access.redhat.com/documentation/en-US/Red… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=1065139 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2013-1624 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=908428 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-1624 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-1624 | external |
| http://www.isg.rhul.ac.uk/tls/ | external |
| http://www.isg.rhul.ac.uk/tls/TLStiming.pdf | external |
| https://access.redhat.com/security/cve/CVE-2013-5855 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=1065139 | external |
| https://www.cve.org/CVERecord?id=CVE-2013-5855 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2013-5855 | external |
| http://h30499.www3.hp.com/t5/HP-Security-Research… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Web Framework Kit 2.6.0, which fixes two security issues,\nvarious bugs, and adds enhancements, is now available from the Red Hat\nCustomer Portal.\n\nThe Red Hat Security Response Team has rated this update as having Moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Web Framework Kit combines popular open source web frameworks\ninto a single solution for Java applications.\n\nThis release serves as a replacement for Red Hat JBoss Web Framework Kit\n2.5.0, and includes bug fixes and enhancements. Refer to the 2.6.0 Release\nNotes for information on the most significant of these changes, available\nshortly from https://access.redhat.com/documentation/\n\nThis release also fixes the following security issues:\n\nIt was discovered that bouncycastle leaked timing information when\ndecrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL server as a padding\noracle. (CVE-2013-1624)\n\nIt was found that Mojarra JavaServer Faces did not properly escape\nuser-supplied content in certain circumstances. Contents of outputText tags\nand raw EL expressions that immediately follow script or style elements\nwere not escaped. A remote attacker could use a specially crafted URL to\nexecute arbitrary web script in the user\u0027s browser. (CVE-2013-5855)\n\nAll users of Red Hat JBoss Web Framework Kit 2.5.0 as provided from the Red\nHat Customer Portal are advised to upgrade to Red Hat JBoss Web Framework\nKit 2.6.0.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2014:0896",
"url": "https://access.redhat.com/errata/RHSA-2014:0896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=web.framework.kit\u0026downloadType=distributions",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=web.framework.kit\u0026downloadType=distributions"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Framework_Kit/",
"url": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Framework_Kit/"
},
{
"category": "external",
"summary": "908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "1065139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065139"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0896.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Web Framework Kit 2.6.0 update",
"tracking": {
"current_release_date": "2026-01-28T22:54:29+00:00",
"generator": {
"date": "2026-01-28T22:54:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2014:0896",
"initial_release_date": "2014-07-16T17:12:11+00:00",
"revision_history": [
{
"date": "2014-07-16T17:12:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:41:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T22:54:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Web Framework Kit 2.6",
"product": {
"name": "Red Hat JBoss Web Framework Kit 2.6",
"product_id": "Red Hat JBoss Web Framework Kit 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_web_framework:2.6.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Web Framework Kit"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-1624",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2013-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "908428"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: TLS CBC padding timing attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Framework Kit 2.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1624"
},
{
"category": "external",
"summary": "RHBZ#908428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=908428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1624",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1624"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf",
"url": "http://www.isg.rhul.ac.uk/tls/TLStiming.pdf"
}
],
"release_date": "2013-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-16T17:12:11+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting installation of Red Hat JBoss Enterprise Application Platform or\nRed Hat JBoss Web Server, and applications deployed to it.\n\nThe JBoss server process must be restarted for this update to take effect.",
"product_ids": [
"Red Hat JBoss Web Framework Kit 2.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0896"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Framework Kit 2.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bouncycastle: TLS CBC padding timing attack"
},
{
"cve": "CVE-2013-5855",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2014-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1065139"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Mojarra JavaServer Faces did not properly escape user-supplied content in certain circumstances. Contents of outputText tags and raw EL expressions that immediately follow script or style elements were not escaped. A remote attacker could use a specially crafted URL to execute arbitrary web script in the user\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JSF: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Web Framework Kit 2.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5855"
},
{
"category": "external",
"summary": "RHBZ#1065139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5855",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5855"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5855",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5855"
},
{
"category": "external",
"summary": "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/JSF-outputText-tag-the-good-the-bad-and-the-ugly/bc-p/6370209",
"url": "http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/JSF-outputText-tag-the-good-the-bad-and-the-ugly/bc-p/6370209"
}
],
"release_date": "2014-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2014-07-16T17:12:11+00:00",
"details": "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting installation of Red Hat JBoss Enterprise Application Platform or\nRed Hat JBoss Web Server, and applications deployed to it.\n\nThe JBoss server process must be restarted for this update to take effect.",
"product_ids": [
"Red Hat JBoss Web Framework Kit 2.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2014:0896"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"Red Hat JBoss Web Framework Kit 2.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JSF: XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions"
}
]
}