All the vulnerabilites related to Red Hat - JBossWS
cve-2011-2487
Vulnerability from cvelistv5
Published
2020-03-11 15:45
Modified
2024-08-06 23:00
Severity ?
EPSS score ?
Summary
The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:00:33.988Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713539" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.nds.ruhr-uni-bochum.de/research/publications/breaking-xml-encryption-pkcs15/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://cxf.apache.org/note-on-cve-2011-2487.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0191.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0192.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0193.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0195.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0196.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0198.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0221.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.securityfocus.com/bid/57549" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81737" }, { "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "WSS4J", "vendor": "Apache", "versions": [ { "status": "affected", "version": "before 1.6.5" } ] }, { "product": "JBossWS", "vendor": "Red Hat", "versions": [ { "status": "affected", "version": "unknown" } ] } ], "datePublic": "2013-01-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 is susceptible to a Bleichenbacher attack." } ], "problemTypes": [ { "descriptions": [ { "description": "Other", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-16T11:06:54", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713539" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.nds.ruhr-uni-bochum.de/research/publications/breaking-xml-encryption-pkcs15/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://cxf.apache.org/note-on-cve-2011-2487.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0191.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0192.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0193.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0194.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0195.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0196.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0198.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0221.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.securityfocus.com/bid/57549" }, { "tags": [ "x_refsource_MISC" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81737" }, { "name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E" }, { "name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2487", "datePublished": "2020-03-11T15:45:46", "dateReserved": "2011-06-15T00:00:00", "dateUpdated": "2024-08-06T23:00:33.988Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }