Vulnerabilites related to gchq - stroom
CVE-2025-25182 (GCVE-0-2025-25182)
Vulnerability from cvelistv5
Published
2025-02-12 16:16
Modified
2025-02-12 19:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-290 - Authentication Bypass by Spoofing
Summary
Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authentication bypass to a Stroom system when configured with ALB and installed in a way that the application is accessible not through the ALB itself. This vulnerability may also allow for server-side request forgery which may lead to code execution or further privileges escalations when using the AWS metadata URL. This scenario assumes that Stroom must be configured to use ALB Authentication integration and the application is network accessible. The vulnerability has been fixed in versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/gchq/stroom/security/advisories/GHSA-x489-xx2m-vc43 | x_refsource_CONFIRM | |
| https://github.com/gchq/stroom/pull/4320 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T19:24:42.603928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:24:50.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "stroom",
"vendor": "gchq",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.2-beta.53, \u003c 7.2.24"
},
{
"status": "affected",
"version": "= 7.5-beta.1"
},
{
"status": "affected",
"version": "\u003e= 7.3-beta.1, \u003c 7.3-beta.22"
},
{
"status": "affected",
"version": "\u003e= 7.4-beta.1, \u003c 7.4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authentication bypass to a Stroom system when configured with ALB and installed in a way that the application is accessible not through the ALB itself. This vulnerability may also allow for server-side request forgery which may lead to code execution or further privileges escalations when using the AWS metadata URL. This scenario assumes that Stroom must be configured to use ALB Authentication integration and the application is network accessible. The vulnerability has been fixed in versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290: Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T16:16:45.327Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/gchq/stroom/security/advisories/GHSA-x489-xx2m-vc43",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gchq/stroom/security/advisories/GHSA-x489-xx2m-vc43"
},
{
"name": "https://github.com/gchq/stroom/pull/4320",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gchq/stroom/pull/4320"
}
],
"source": {
"advisory": "GHSA-x489-xx2m-vc43",
"discovery": "UNKNOWN"
},
"title": "Stroom Authentication/Authorization Bypass when using AWS ALB"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-25182",
"datePublished": "2025-02-12T16:16:45.327Z",
"dateReserved": "2025-02-03T19:30:53.398Z",
"dateUpdated": "2025-02-12T19:24:50.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1000651 (GCVE-0-2018-1000651)
Vulnerability from cvelistv5
Published
2018-08-20 19:00
Modified
2024-09-16 17:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stroom version <5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://0dd.zone/2018/08/08/stroom-XXE/ | x_refsource_MISC | |
| https://github.com/gchq/stroom/issues/813 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:40:47.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://0dd.zone/2018/08/08/stroom-XXE/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/gchq/stroom/issues/813"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2018-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stroom version \u003c5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-20T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://0dd.zone/2018/08/08/stroom-XXE/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gchq/stroom/issues/813"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2018-08-19T17:09:33.138195",
"DATE_REQUESTED": "2018-08-08T14:47:39",
"ID": "CVE-2018-1000651",
"REQUESTER": "sajeeb@0dd.zone",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stroom version \u003c5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://0dd.zone/2018/08/08/stroom-XXE/",
"refsource": "MISC",
"url": "https://0dd.zone/2018/08/08/stroom-XXE/"
},
{
"name": "https://github.com/gchq/stroom/issues/813",
"refsource": "CONFIRM",
"url": "https://github.com/gchq/stroom/issues/813"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-1000651",
"datePublished": "2018-08-20T19:00:00Z",
"dateReserved": "2018-08-20T00:00:00Z",
"dateUpdated": "2024-09-16T17:47:49.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10779 (GCVE-0-2019-10779)
Vulnerability from cvelistv5
Published
2020-01-28 00:17
Modified
2024-08-04 22:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross-site Scripting
Summary
All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://snyk.io/vuln/SNYK-JAVA-STROOM-541182 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | stroom:stroom-app |
Version: all versions before 5.5.12 Version: all versions of the 6.0.0 branch before 6.0.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:32:01.943Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "stroom:stroom-app",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "all versions before 5.5.12"
},
{
"status": "affected",
"version": "all versions of the 6.0.0 branch before 6.0.25"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site Scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-28T00:17:32",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2019-10779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "stroom:stroom-app",
"version": {
"version_data": [
{
"version_value": "all versions before 5.5.12"
},
{
"version_value": "all versions of the 6.0.0 branch before 6.0.25"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182",
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2019-10779",
"datePublished": "2020-01-28T00:17:32",
"dateReserved": "2019-04-03T00:00:00",
"dateUpdated": "2024-08-04T22:32:01.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-01-28 01:15
Modified
2024-11-21 04:19
Severity ?
Summary
All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| report@snyk.io | https://snyk.io/vuln/SNYK-JAVA-STROOM-541182 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JAVA-STROOM-541182 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gchq:stroom:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B253E6-EA00-47E6-8C45-B4FC8F27EBD1",
"versionEndExcluding": "5.5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gchq:stroom:*:*:*:*:*:*:*:*",
"matchCriteriaId": "046AAF3E-9144-4C95-9242-E14326021275",
"versionEndExcluding": "6.0.25",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user."
},
{
"lang": "es",
"value": "Todas las versiones de stroom:stroom-app anteriores a 5.5.12 y todas las versiones de la 6.0.0 derivaci\u00f3n anterior a 6.0.25, est\u00e1n afectadas por una vulnerabilidad de tipo Cross-site Scripting. Un sitio web del atacante es capaz de cargar la Interfaz de Usuario de Stroom en un iframe oculto. Usando ese iframe, el sitio del atacante puede emitir comandos hacia la Interfaz de Usuario de Stroom por medio de una vulnerabilidad de tipo XSS para tomar el control total de la Interfaz de Usuario de Stroom en nombre del usuario registrado."
}
],
"id": "CVE-2019-10779",
"lastModified": "2024-11-21T04:19:54.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-28T01:15:10.817",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JAVA-STROOM-541182"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-08-20 19:31
Modified
2024-11-21 03:40
Severity ?
Summary
Stroom version <5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://0dd.zone/2018/08/08/stroom-XXE/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/gchq/stroom/issues/813 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://0dd.zone/2018/08/08/stroom-XXE/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gchq/stroom/issues/813 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gchq:stroom:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94A52DB7-589E-41F2-B54D-201E53E6D8DD",
"versionEndExcluding": "5.4.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stroom version \u003c5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file."
},
{
"lang": "es",
"value": "Stroom en versiones anteriores a la 5.4.0 contiene una vulnerabilidad XXE (XML External Entity) en el analizador sint\u00e1ctico de XML, lo que puede resultar en una fuga de datos confidenciales, una denegaci\u00f3n de servicio (DoS), Server-Side Request Forgery (SSRF) y un escaneo de puertos. Este ataque parece ser explotable mediante un archivo XML especialmente manipulado."
}
],
"id": "CVE-2018-1000651",
"lastModified": "2024-11-21T03:40:19.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-20T19:31:43.870",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://0dd.zone/2018/08/08/stroom-XXE/"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/gchq/stroom/issues/813"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://0dd.zone/2018/08/08/stroom-XXE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/gchq/stroom/issues/813"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}