CVE-2016-8750 (GCVE-0-2016-8750)
Vulnerability from cvelistv5
Published
2018-02-19 15:00
      Modified
2024-09-17 00:36
      
        CWE
          - Injection Attack
Summary
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
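The following is an added illustration of the bug class the summary describes; it is not Apache Karaf's code (Karaf's LDAPLoginModule is Java) and is written in Python to show the escaping rule and its effect concretely. The `(uid=<username>)` filter template, the attribute name, the sample usernames and the three-entry in-memory directory are all assumptions constructed for the example. It contrasts raw concatenation of the username into the search filter with RFC 4515 escaping, adds a pre-search check a login module can apply, and uses a toy matcher to show how an unescaped wildcard changes the scope of the search, which is the search-query effect the Red Hat description below refers to.

```python
"""LDAP search-filter construction with and without RFC 4515 escaping.

Added illustration for CVE-2016-8750; not Apache Karaf's code (Karaf's
LDAPLoginModule is Java). The filter template '(uid=<username>)', the
attribute name and the three-entry directory are assumptions made here.
"""
import re

# RFC 4515 section 3: these characters must be written as a backslash
# followed by two hex digits when they appear in a filter assertion value.
_LDAP_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}

# One equality assertion: '(' attr '=' value ')'.
_ASSERTION = re.compile(r"^\((?P<attr>[A-Za-z][A-Za-z0-9-]*)=(?P<value>.*)\)$", re.DOTALL)
# A value in which every special character is escaped: only '\XX' escapes
# or characters outside the special set may appear.
_SAFE_VALUE = re.compile(r"^(?:\\[0-9A-Fa-f]{2}|[^*()\\\x00])*$")
# Tokenizer for a (possibly unescaped) value: '\XX' escapes or single chars.
_TOKEN = re.compile(r"\\[0-9A-Fa-f]{2}|.", re.DOTALL)

# Constructed sample directory standing in for the LDAP server's contents.
SAMPLE_DIRECTORY = [
    {"uid": "alice"},
    {"uid": "bob"},
    {"uid": "carol"},
]


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an LDAP filter assertion value."""
    return "".join(_LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def vulnerable_filter(username: str, attr: str = "uid") -> str:
    """The pre-4.0.8 behaviour the CVE describes: raw concatenation, so
    '*', '(' and ')' in the username become filter syntax."""
    return f"({attr}={username})"


def hardened_filter(username: str, attr: str = "uid") -> str:
    """The fix: the username is escaped before it enters the filter."""
    return f"({attr}={escape_filter_value(username)})"


def filter_is_single_exact_match(filter_string: str, attr: str = "uid") -> bool:
    """Defensive check a login module can apply before sending the search:
    the filter must be one equality assertion on the expected attribute
    whose value contains no unescaped wildcard, parenthesis or backslash."""
    m = _ASSERTION.match(filter_string)
    if m is None or m.group("attr").lower() != attr.lower():
        return False
    value = m.group("value")
    return bool(value) and _SAFE_VALUE.match(value) is not None


def _value_to_regex(value: str) -> "re.Pattern[str]":
    """Translate an assertion value into a regex the way a server reads it:
    an unescaped '*' is a wildcard, a '\\XX' escape decodes to a literal."""
    pieces = []
    for tok in _TOKEN.findall(value):
        if tok == "*":
            pieces.append(".*")
        elif len(tok) == 3 and tok[0] == "\\":
            pieces.append(re.escape(chr(int(tok[1:], 16))))
        else:
            pieces.append(re.escape(tok))
    return re.compile("^" + "".join(pieces) + "$", re.DOTALL)


def count_matches(filter_string: str, directory: list) -> int:
    """Toy evaluator for a single equality assertion over an in-memory
    directory; returns how many entries the filter matches."""
    m = _ASSERTION.match(filter_string)
    if m is None:
        raise ValueError(f"not a single equality assertion: {filter_string!r}")
    pattern = _value_to_regex(m.group("value"))
    attr = m.group("attr")
    return sum(1 for entry in directory if pattern.match(entry.get(attr, "")))


if __name__ == "__main__":
    # Constructed usernames: a normal one, a bare wildcard, and one that
    # tries to close the assertion and open another.
    for username in ("alice", "*", "*)(objectClass=*"):
        raw = vulnerable_filter(username)
        safe = hardened_filter(username)
        print(f"username {username!r}")
        print(f"  unescaped {raw!r}: passes check={filter_is_single_exact_match(raw)}")
        print(f"  escaped   {safe!r}: passes check={filter_is_single_exact_match(safe)}")
    # A bare '*' matches every entry when unescaped and nothing once escaped.
    print("matches for '*':", count_matches(vulnerable_filter("*"), SAMPLE_DIRECTORY),
          "unescaped vs", count_matches(hardened_filter("*"), SAMPLE_DIRECTORY), "escaped")
```

The escaping function is the actual fix; `filter_is_single_exact_match` is a belt-and-braces guard that rejects any filter the module did not intend to send, which is cheap insurance if a future code path forgets to escape. The matcher is not an LDAP server: it only models the wildcard semantics of one equality assertion, which is enough to show that an unescaped `*` turns a lookup for one user into a scan of the whole directory.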
            
          
        References
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2018:1322 | vendor-advisory, x_refsource_REDHAT |
| https://karaf.apache.org/security/cve-2016-8750.txt | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/103098 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Apache Software Foundation | Apache Karaf | prior to 4.0.8 |
{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:35:00.163Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:1322",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1322"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
          },
          {
            "name": "103098",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103098"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Karaf",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "prior to 4.0.8"
            }
          ]
        }
      ],
      "datePublic": "2017-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Injection Attack",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-04T09:57:01",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "RHSA-2018:1322",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
        },
        {
          "name": "103098",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103098"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2017-12-04T00:00:00",
          "ID": "CVE-2016-8750",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Karaf",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "prior to 4.0.8"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Injection Attack"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:1322",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:1322"
            },
            {
              "name": "https://karaf.apache.org/security/cve-2016-8750.txt",
              "refsource": "CONFIRM",
              "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
            },
            {
              "name": "103098",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103098"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2016-8750",
    "datePublished": "2018-02-19T15:00:00Z",
    "dateReserved": "2016-10-18T00:00:00",
    "dateUpdated": "2024-09-17T00:36:15.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-8750\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2018-02-19T15:29:00.207\",\"lastModified\":\"2024-11-21T02:59:59.623\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.\"},{\"lang\":\"es\",\"value\":\"Apache Karaf en versiones anteriores a la 4.0.8 utilizaba LDAPLoginModule para autenticar a los usuarios en un directorio mediante LDAP. Sin embargo, no cifraba los nombres de usuario correctamente y, por lo tanto, era vulnerable a ataques de inyecci\u00f3n LDAP, lo que conduc\u00eda a una denegaci\u00f3n de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-90\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.0.8\",\"matchCriteriaId\":\"990D05D0-F472-4516-9C4B-3E743BFB4956\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/103098\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1322\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://karaf.apache.org/security/cve-2016-8750.txt\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103098\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1322\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://karaf.apache.org/security/cve-2016-8750.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}
  RHSA-2018:1322
Vulnerability from csaf_redhat
Published
2018-05-03 19:04
    Modified
2025-10-09 16:45
    Summary
Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update
    Notes
Topic
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
    Details
Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. 
Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.
This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.
Security Fix(es):
* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)
* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)
* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)
* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)
* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)
The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).
    Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
    {
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)\n\n* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)\n\n* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)\n\n* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)\n\n* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)\n\nThe CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1322",
        "url": "https://access.redhat.com/errata/RHSA-2018:1322"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/"
      },
      {
        "category": "external",
        "summary": "1481665",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
      },
      {
        "category": "external",
        "summary": "1490301",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
      },
      {
        "category": "external",
        "summary": "1524432",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
      },
      {
        "category": "external",
        "summary": "1532497",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
      },
      {
        "category": "external",
        "summary": "1539989",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1322.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update",
    "tracking": {
      "current_release_date": "2025-10-09T16:45:11+00:00",
      "generator": {
        "date": "2025-10-09T16:45:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2018:1322",
      "initial_release_date": "2018-05-03T19:04:46+00:00",
      "revision_history": [
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-09T16:45:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.3",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.3",
                  "product_id": "Red Hat JBoss A-MQ 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.3",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.3",
                  "product_id": "Red Hat JBoss Fuse 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-8750",
      "cwe": {
        "id": "CWE-90",
        "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
      },
      "discovery_date": "2017-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1524432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache Karaf uses the LDAPLoginModule to authenticate users to a directory via LDAP. It does not, however, encode usernames properly and hence is vulnerable to LDAP injection attacks. While it appears that it is not possible to exploit this vulnerability to allow an attacker to gain remote access, it does allow an attacker to insert special characters into the search query step. Therefore, it can potentially be exploited as part of a Denial of Service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "karaf: LDAP injection in LDAPLoginModule",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "RHBZ#1524432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8750",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://karaf.apache.org/security/cve-2016-8750.txt",
          "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
        }
      ],
      "release_date": "2016-12-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "karaf: LDAP injection in LDAPLoginModule"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7559",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-08-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1481665"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "RHBZ#1481665",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12165",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-09-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1490301"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "RHBZ#1490301",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling"
    },
    {
      "cve": "CVE-2017-12626",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-01-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1539989"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "RHBZ#1539989",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12626",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626"
        }
      ],
      "release_date": "2018-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception"
    },
    {
      "cve": "CVE-2017-1000487",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2018-01-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1532497"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "plexus-utils: Mishandled strings in Commandline class allow for command injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of plexus-utils as shipped with Red Hat Enterprise Linux 7 as well as Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship plexus-utils, as such they are not affected by this vulnerability. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "RHBZ#1532497",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487"
        }
      ],
      "release_date": "2013-10-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "plexus-utils: Mishandled strings in Commandline class allow for command injection"
    }
  ]
}
  rhsa-2018:1322
Vulnerability from csaf_redhat
Published
2018-05-03 19:04
    Modified
2025-10-09 16:45
    Summary
Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update
    Notes
Topic
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
    Details
Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. 
Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.
This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.
Security Fix(es):
* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)
* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)
* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)
* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)
* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)
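The two Undertow entries above describe one failure shape: a request parser that accepts a character another component on the same request path treats differently, so the two disagree about where a request ends or what a header means. The example below is added here to make that disagreement concrete; it is not Undertow code or Red Hat's fix. It parses one constructed byte stream under three parser policies (two permissive ones that differ only in how they treat a space before the colon, and a strict RFC 7230 one) and frames requests on Content-Length alone. Transfer-Encoding is deliberately left out, and the policy names, the sample stream and the request-target check are all my own.

```python
import re

# RFC 7230 field-name token characters; anything else (including the space in
# "Content-Length :") makes the header line malformed.
TCHAR = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")
REQUEST_LINE = re.compile(rb"^[A-Z]+ [\x21-\x7e]+ HTTP/1\.[01]$")   # visible ASCII only in the target
CTL_IN_VALUE = re.compile(rb"[\x00-\x08\x0a-\x1f\x7f]")             # every control char except HTAB


class BadRequest(Exception):
    """Raised when a parser refuses a request instead of guessing what it meant."""


def parse_headers(block: bytes, mode: str) -> dict:
    """Parse a header block (no trailing blank line) under one of three policies.

    "lenient": whitespace around the field name is stripped, so
               "Content-Length : 38" is honoured as Content-Length.
    "ignore":  the name is kept verbatim, so the same line is an unknown header
               "Content-Length " and the request carries no Content-Length.
    "strict":  any field name that is not an RFC 7230 token is rejected.
    """
    headers, last = {}, None
    for line in block.split(b"\r\n"):
        if not line:
            continue
        if line[:1] in (b" ", b"\t"):              # obs-fold continuation line
            if mode == "strict" or last is None:
                raise BadRequest("obsolete line folding")
            headers[last][-1] += b" " + line.strip()
            continue
        name, sep, value = line.partition(b":")
        if not sep:
            raise BadRequest("header line without ':'")
        if mode == "lenient":
            name = name.strip()
        elif mode == "strict":
            if not TCHAR.match(name):
                raise BadRequest(f"malformed field name {name!r}")
            if CTL_IN_VALUE.search(value):
                raise BadRequest(f"control character in value of {name!r}")
        last = name.lower()
        headers.setdefault(last, []).append(value.strip())
    return headers


def frame_requests(stream: bytes, mode: str) -> list:
    """Split a byte stream into (request_line, body) pairs, using Content-Length
    as the chosen parser policy understands it."""
    requests = []
    while stream:
        head, sep, rest = stream.partition(b"\r\n\r\n")
        if not sep:
            raise BadRequest("incomplete header block")
        request_line, _, header_block = head.partition(b"\r\n")
        if mode == "strict" and not REQUEST_LINE.match(request_line):
            raise BadRequest(f"malformed request line {request_line!r}")
        headers = parse_headers(header_block, mode)
        lengths = headers.get(b"content-length", [b"0"])
        if len(lengths) != 1 or not lengths[0].isdigit():
            raise BadRequest("duplicate or non-numeric Content-Length")
        n = int(lengths[0])
        body, stream = rest[:n], rest[n:]
        if len(body) != n:
            raise BadRequest("body shorter than Content-Length")
        requests.append((request_line.decode("ascii"), body))
    return requests


# Constructed attack stream: a single space before the colon is the only
# irregularity. The second "request" is meant to ride inside the first one's body.
SMUGGLED = b"GET /admin HTTP/1.1\r\nX-Injected: 1\r\n\r\n"
ATTACK = (
    b"POST /login HTTP/1.1\r\nHost: app.example\r\n"
    b"Content-Length : " + str(len(SMUGGLED)).encode("ascii") + b"\r\n\r\n"
    + SMUGGLED
)


def outcome(mode: str):
    """How many requests a parser under this policy extracts from ATTACK, or 'rejected'."""
    try:
        return len(frame_requests(ATTACK, mode))
    except BadRequest:
        return "rejected"


if __name__ == "__main__":
    for policy in ("lenient", "ignore", "strict"):
        print(f"{policy:8s} -> {outcome(policy)}")
```

The two permissive parsers disagree (one request versus two), which is the precondition for smuggling the GET /admin request past whichever of them is the front end; the strict parser rejects the request outright, which is what closes the gap. The same strictness applied to the request-target (REQUEST_LINE here) is the check the description of CVE-2017-7559 says was still missing for invalid characters in the path and query string.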
The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).
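CVE-2016-8750 is a textbook LDAP injection: the username is substituted into the search filter without the escaping RFC 4515 requires, so filter metacharacters in the username change the filter's shape instead of being matched literally. The following example is added for illustration and is not Karaf's LDAPLoginModule or its patch. The filter template, the in-memory directory and the small filter evaluator are all constructed for the demonstration; the evaluator covers only the (&...), (|...) and (attr=value) forms with wildcards, which is enough to show what the unescaped and the escaped username each do to a query.

```python
import re

# RFC 4515: these characters must be escaped when they occur inside an assertion value.
_RFC4515_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape user input so the LDAP server treats it as a literal assertion value."""
    out = []
    for ch in value:
        if ch in _RFC4515_ESCAPES:
            out.append(_RFC4515_ESCAPES[ch])
        elif ord(ch) > 0x7F:                      # non-ASCII goes in as escaped UTF-8 bytes
            out.append("".join(f"\\{b:02x}" for b in ch.encode("utf-8")))
        else:
            out.append(ch)
    return "".join(out)


# Assumed filter template: the login module substitutes the username for %s.
USER_FILTER = "(&(objectClass=person)(uid=%s))"


def build_filter_unsafe(username: str) -> str:
    """The flaw: the username lands in the filter verbatim, metacharacters included."""
    return USER_FILTER % username


def build_filter_safe(username: str) -> str:
    """The fix: escape first, so the username can only ever be a value, never structure."""
    return USER_FILTER % escape_filter_value(username)


def _value_to_regex(raw: str):
    """Unescaped '*' is a wildcard; '\\XX' is the literal character XX (ASCII assumed here)."""
    regex, i = "", 0
    while i < len(raw):
        if raw[i] == "*":
            regex, i = regex + ".*", i + 1
        elif raw[i] == "\\" and re.fullmatch(r"[0-9a-fA-F]{2}", raw[i + 1:i + 3]):
            regex, i = regex + re.escape(chr(int(raw[i + 1:i + 3], 16))), i + 3
        else:
            regex, i = regex + re.escape(raw[i]), i + 1
    return re.compile(f"^{regex}$", re.IGNORECASE)


def _expect_close(s: str, i: int) -> int:
    if i >= len(s) or s[i] != ")":
        raise ValueError(f"expected ')' at offset {i} in {s!r}")
    return i + 1


def _parse(s: str, i: int):
    """Recursive descent over (&...), (|...) and (attr=value); returns (node, next offset)."""
    if i >= len(s) or s[i] != "(":
        raise ValueError(f"expected '(' at offset {i} in {s!r}")
    i += 1
    if i < len(s) and s[i] in "&|":
        op, kids, i = s[i], [], i + 1
        while i < len(s) and s[i] == "(":
            kid, i = _parse(s, i)
            kids.append(kid)
        return (op, kids), _expect_close(s, i)
    eq = s.find("=", i)
    if eq < 0:
        raise ValueError("assertion without '='")
    j = eq + 1
    while j < len(s) and s[j] != ")":
        j += 3 if s[j] == "\\" else 1             # a \XX escape never terminates the value
    return ("=", s[i:eq].lower(), s[eq + 1:j]), _expect_close(s, j)


def parse_filter(s: str):
    node, end = _parse(s, 0)
    if end != len(s):
        raise ValueError(f"trailing data after filter: {s[end:]!r}")
    return node


def matches(node, entry: dict) -> bool:
    kind = node[0]
    if kind == "&":
        return all(matches(k, entry) for k in node[1])
    if kind == "|":
        return any(matches(k, entry) for k in node[1])
    _, attr, raw = node
    return any(_value_to_regex(raw).match(v) for v in entry.get(attr, []))


# Constructed in-memory directory; attribute names are lower-cased keys.
DIRECTORY = [
    {"objectclass": ["person"], "uid": ["alice"]},
    {"objectclass": ["person"], "uid": ["bob"]},
    {"objectclass": ["person"], "uid": ["carol"]},
    {"objectclass": ["groupOfNames"], "cn": ["admins"]},
]


def search(filter_string: str) -> list:
    """Names of the entries the filter selects, in directory order."""
    node = parse_filter(filter_string)
    return [e.get("uid", e.get("cn"))[0] for e in DIRECTORY if matches(node, e)]
```

With the raw username `*)(uid=*` the unsafe builder yields `(&(objectClass=person)(uid=*)(uid=*))`, which selects every person in the directory; the escaped form selects nothing. As the advisory notes, Karaf's module did not let this become a login bypass, but a filter that matches the whole directory is exactly the expensive search the description calls a potential denial of service, and RFC 4515 escaping of every substituted value is the fix regardless of which outcome a particular module allows.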
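The plexus-utils issue is the shell-side version of the same mistake: an argument is wrapped in double quotes on the assumption that quoting makes it literal, but a POSIX shell still performs parameter and command substitution inside double quotes. The example below is added to show that bug class next to the two correct alternatives; it is not the plexus-utils Commandline code or its 3.0.16 fix, and it assumes /bin/sh semantics. The payload and the three quoting functions are constructed for the demonstration, and sh_echo only runs when an sh binary is actually available.

```python
import shutil
import subprocess

# Inside POSIX double quotes the shell still interprets exactly these four characters.
DOUBLE_QUOTE_SPECIALS = '$`"\\'


def quote_double_naive(arg: str) -> str:
    """The flawed pattern: wrap in double quotes and assume the contents are now literal."""
    return f'"{arg}"'


def quote_double_escaped(arg: str) -> str:
    """Double quoting done properly: backslash-escape $ ` " and \\ so nothing expands."""
    return '"' + "".join("\\" + c if c in DOUBLE_QUOTE_SPECIALS else c for c in arg) + '"'


def quote_single(arg: str) -> str:
    """Single quoting: nothing is special inside; an embedded ' is written as '\\'' (as shlex.quote does)."""
    return "'" + arg.replace("'", "'\\''") + "'"


def shell_would_expand(word: str) -> bool:
    """Walk a quoted word the way sh tokenises it and report whether an unescaped $ or `
    is still reachable, i.e. whether parameter or command substitution could run."""
    state, i = "plain", 0
    while i < len(word):
        c = word[i]
        if state == "single":
            if c == "'":
                state = "plain"
        elif c == "\\":
            i += 1                          # backslash neutralises the next character
        elif state == "double":
            if c == '"':
                state = "plain"
            elif c in "$`":
                return True
        else:                               # unquoted
            if c == "'":
                state = "single"
            elif c == '"':
                state = "double"
            elif c in "$`":
                return True
        i += 1
    return False


def sh_echo(word: str):
    """Ask a real sh what the argument becomes after expansion; None when sh is unavailable."""
    if shutil.which("sh") is None:
        return None
    try:
        proc = subprocess.run(["sh", "-c", f"printf '%s' {word}"],
                              capture_output=True, text=True)
    except OSError:
        return None
    return proc.stdout


# Constructed payload: harmless here, but it is a command substitution.
PAYLOAD = "$(echo INJECTED)"

if __name__ == "__main__":
    for label, quote in (("naive double", quote_double_naive),
                         ("escaped double", quote_double_escaped),
                         ("single", quote_single)):
        word = quote(PAYLOAD)
        print(f"{label:15s} {word:24s} expands={shell_would_expand(word)} sh={sh_echo(word)!r}")
```

shell_would_expand is the static check: it walks the quoted word as sh would and reports whether an unescaped $ or backquote survives the quoting. sh_echo confirms the result against a real shell: the naive form prints INJECTED, the other two print the payload unchanged. When a command line really has to go through sh -c, single quoting (or, better, passing an argv array and skipping the shell) is the robust choice.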
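The POI entry lists the two classic parser denial-of-service shapes: a structure that loops back on itself (the infinite loops in WMF, EMF and MSG parsing) and a size field that commits memory the file never supplies (the out-of-memory cases in DOC, PPT and XLS). The example below is an added illustration using a constructed toy record format; it is not POI's code or any Office or metafile layout, and the record budget and byte budget are assumed values.

```python
import struct

# Assumed resource budget for the toy parser; a real one sizes these to the format.
MAX_RECORDS = 10_000
MAX_TOTAL_BYTES = 64 * 1024
END = 0xFFFFFFFF                 # "no next record" marker in the toy format


class MalformedFile(ValueError):
    """The file is rejected with a reason instead of being chased until resources run out."""


def parse_chain_naive(blob: bytes, start: int = 0) -> list:
    """Follow a chain of records trusting the file's own pointers and lengths.
    On LOOPING below this never returns; on HUGE it tries to allocate ~4 GiB.
    Kept for comparison only; do not call it on untrusted input."""
    out, off = [], start
    while off != END:
        length, nxt = struct.unpack_from("<II", blob, off)
        out.append(bytearray(length))          # allocation sized by the attacker
        off = nxt
    return out


def parse_chain_bounded(blob: bytes, start: int = 0) -> list:
    """Same traversal with a cycle check, a record-count cap, and the declared
    length checked against the bytes actually present before anything is kept."""
    out, off, seen, total = [], start, set(), 0
    while off != END:
        if off in seen:
            raise MalformedFile(f"record chain loops back to offset {off}")
        if len(out) >= MAX_RECORDS:
            raise MalformedFile("record count exceeds limit")
        if off + 8 > len(blob):
            raise MalformedFile(f"record header at {off} runs past end of file")
        seen.add(off)
        length, nxt = struct.unpack_from("<II", blob, off)
        data_end = off + 8 + length
        if data_end > len(blob):
            raise MalformedFile(f"declared length {length} exceeds file size {len(blob)}")
        total += length
        if total > MAX_TOTAL_BYTES:
            raise MalformedFile("total payload exceeds budget")
        out.append(blob[off + 8:data_end])
        off = nxt
    return out


def record(length: int, nxt: int, payload: bytes = b"") -> bytes:
    """Build one toy record: <u32 length><u32 next offset><payload>."""
    return struct.pack("<II", length, nxt) + payload


# Constructed sample files in the toy format.
GOOD = record(3, 11, b"abc") + record(2, END, b"xy")   # 0 -> 11 -> END
LOOPING = record(0, 8) + record(0, 0)                   # 0 -> 8 -> 0 -> ...
HUGE = record(0xFFFFFFF0, END)                          # 8-byte file claiming a ~4 GiB payload


def reject_reason(blob: bytes):
    """None if the file parses, otherwise why the bounded parser refused it."""
    try:
        parse_chain_bounded(blob)
        return None
    except MalformedFile as exc:
        return str(exc)


if __name__ == "__main__":
    print(parse_chain_bounded(GOOD))
    print(reject_reason(LOOPING))
    print(reject_reason(HUGE))
```

parse_chain_naive is the shape of the vulnerable code: it allocates what the length field says and follows the next pointer wherever it leads. parse_chain_bounded applies the three checks that remove both failure modes: a visited set for cycles, a record-count cap, and bounds-checking the declared length against the bytes actually present before allocating. reject_reason reports which check fired, which is what you want in a log when a crafted document is turned away.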
    Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
    {
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)\n\n* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)\n\n* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)\n\n* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)\n\n* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)\n\nThe CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1322",
        "url": "https://access.redhat.com/errata/RHSA-2018:1322"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/"
      },
      {
        "category": "external",
        "summary": "1481665",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
      },
      {
        "category": "external",
        "summary": "1490301",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
      },
      {
        "category": "external",
        "summary": "1524432",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
      },
      {
        "category": "external",
        "summary": "1532497",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
      },
      {
        "category": "external",
        "summary": "1539989",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1322.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update",
    "tracking": {
      "current_release_date": "2025-10-09T16:45:11+00:00",
      "generator": {
        "date": "2025-10-09T16:45:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2018:1322",
      "initial_release_date": "2018-05-03T19:04:46+00:00",
      "revision_history": [
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-09T16:45:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.3",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.3",
                  "product_id": "Red Hat JBoss A-MQ 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.3",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.3",
                  "product_id": "Red Hat JBoss Fuse 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-8750",
      "cwe": {
        "id": "CWE-90",
        "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
      },
      "discovery_date": "2017-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1524432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache Karaf uses the LDAPLoginModule to authenticate users to a directory via LDAP. It does not, however, encode usernames properly and hence is vulnerable to LDAP injection attacks. While it appears that it is not possible to exploit this vulnerability to allow an attacker to gain remote access, it does allow an attacker to insert special characters into the search query step. Therefore, it can potentially be exploited as part of a Denial of Service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "karaf: LDAP injection in LDAPLoginModule",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "RHBZ#1524432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8750",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://karaf.apache.org/security/cve-2016-8750.txt",
          "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
        }
      ],
      "release_date": "2016-12-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "karaf: LDAP injection in LDAPLoginModule"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7559",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-08-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1481665"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "RHBZ#1481665",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12165",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-09-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1490301"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "RHBZ#1490301",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling"
    },
    {
      "cve": "CVE-2017-12626",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-01-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1539989"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "RHBZ#1539989",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12626",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626"
        }
      ],
      "release_date": "2018-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception"
    },
    {
      "cve": "CVE-2017-1000487",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2018-01-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1532497"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "plexus-utils: Mishandled strings in Commandline class allow for command injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of plexus-utils as shipped with Red Hat Enterprise Linux 7 as well as Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship plexus-utils, as such they are not affected by this vulnerability. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "RHBZ#1532497",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487"
        }
      ],
      "release_date": "2013-10-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "plexus-utils: Mishandled strings in Commandline class allow for command injection"
    }
  ]
}
rhsa-2018_1322
Vulnerability from csaf_redhat
Published: 2018-05-03 19:04
Modified: 2024-11-22 11:55
Summary: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update
Notes
Topic
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform.
Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.
This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.
Security Fix(es):
* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)
* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)
* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)
* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)
* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)
The CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666) (CVE-2017-7559)\n\n* undertow: improper whitespace parsing leading to potential HTTP request smuggling (CVE-2017-12165)\n\n* karaf: LDAP injection in LDAPLoginModule (CVE-2016-8750)\n\n* plexus-utils: Mishandled strings in Commandline class allow for command injection (CVE-2017-1000487)\n\n* poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception (CVE-2017-12626)\n\nThe CVE-2017-7559 and CVE-2017-12165 issues were discovered by Stuart Douglas (Red Hat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2018:1322",
        "url": "https://access.redhat.com/errata/RHSA-2018:1322"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-fuse/"
      },
      {
        "category": "external",
        "summary": "1481665",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
      },
      {
        "category": "external",
        "summary": "1490301",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
      },
      {
        "category": "external",
        "summary": "1524432",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
      },
      {
        "category": "external",
        "summary": "1532497",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
      },
      {
        "category": "external",
        "summary": "1539989",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1322.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R7 security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T11:55:04+00:00",
      "generator": {
        "date": "2024-11-22T11:55:04+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2018:1322",
      "initial_release_date": "2018-05-03T19:04:46+00:00",
      "revision_history": [
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2018-05-03T19:04:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:55:04+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss A-MQ 6.3",
                "product": {
                  "name": "Red Hat JBoss A-MQ 6.3",
                  "product_id": "Red Hat JBoss A-MQ 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_amq:6.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Fuse 6.3",
                "product": {
                  "name": "Red Hat JBoss Fuse 6.3",
                  "product_id": "Red Hat JBoss Fuse 6.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_fuse:6.3"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Fuse"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-8750",
      "cwe": {
        "id": "CWE-90",
        "name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
      },
      "discovery_date": "2017-11-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1524432"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache Karaf uses the LDAPLoginModule to authenticate users to a directory via LDAP. It does not, however, encode usernames properly and hence is vulnerable to LDAP injection attacks. While it appears that it is not possible to exploit this vulnerability to allow an attacker to gain remote access, it does allow an attacker to insert special characters into the search query step. Therefore, it can potentially be exploited as part of a Denial of Service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "karaf: LDAP injection in LDAPLoginModule",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "RHBZ#1524432",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8750",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750"
        },
        {
          "category": "external",
          "summary": "https://karaf.apache.org/security/cve-2016-8750.txt",
          "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
        }
      ],
      "release_date": "2016-12-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "karaf: LDAP injection in LDAPLoginModule"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7559",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-08-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1481665"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "RHBZ#1481665",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481665"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7559"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "undertow: HTTP Request smuggling vulnerability (incomplete fix of CVE-2017-2666)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Stuart Douglas"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12165",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2017-09-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1490301"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "undertow: improper whitespace parsing leading to potential HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "RHBZ#1490301",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490301"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12165",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12165"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12165"
        }
      ],
      "release_date": "2017-12-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "undertow: improper whitespace parsing leading to potential HTTP request smuggling"
    },
    {
      "cve": "CVE-2017-12626",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2018-01-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1539989"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory Exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and 61295).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "RHBZ#1539989",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539989"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12626",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12626"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12626"
        }
      ],
      "release_date": "2018-01-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "poi: Parsing of multiple file types can cause a denial of service via infinite loop or out of memory exception"
    },
    {
      "cve": "CVE-2017-1000487",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2018-01-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1532497"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "plexus-utils: Mishandled strings in Commandline class allow for command injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of plexus-utils as shipped with Red Hat Enterprise Linux 7 as well as Red Hat Satellite 6.0 and 6.1. Red Hat Satellite 6.2 and later do not ship plexus-utils, as such they are not affected by this vulnerability. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss A-MQ 6.3",
          "Red Hat JBoss Fuse 6.3"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "RHBZ#1532497",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532497"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000487"
        }
      ],
      "release_date": "2013-10-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2018-05-03T19:04:46+00:00",
          "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2018:1322"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss A-MQ 6.3",
            "Red Hat JBoss Fuse 6.3"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "plexus-utils: Mishandled strings in Commandline class allow for command injection"
    }
  ]
}
  gsd-2016-8750
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
Aliases
      {
  "GSD": {
    "alias": "CVE-2016-8750",
    "description": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.",
    "id": "GSD-2016-8750",
    "references": [
      "https://access.redhat.com/errata/RHSA-2018:1322"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-8750"
      ],
      "details": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.",
      "id": "GSD-2016-8750",
      "modified": "2023-12-13T01:21:22.622125Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2017-12-04T00:00:00",
        "ID": "CVE-2016-8750",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Karaf",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "prior to 4.0.8"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Injection Attack"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2018:1322",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:1322"
          },
          {
            "name": "https://karaf.apache.org/security/cve-2016-8750.txt",
            "refsource": "CONFIRM",
            "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
          },
          {
            "name": "103098",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/103098"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,4.0.8)",
          "affected_versions": "All versions before 4.0.8",
          "cvss_v2": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-707",
            "CWE-90",
            "CWE-937"
          ],
          "date": "2021-09-09",
          "description": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.",
          "fixed_versions": [
            "4.0.8"
          ],
          "identifier": "CVE-2016-8750",
          "identifiers": [
            "GHSA-chj8-5xgw-wcvj",
            "CVE-2016-8750"
          ],
          "not_impacted": "All versions starting from 4.0.8",
          "package_slug": "maven/org.apache.karaf/apache-karaf",
          "pubdate": "2019-01-07",
          "solution": "Upgrade to version 4.0.8 or above.",
          "title": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2016-8750",
            "https://github.com/advisories/GHSA-chj8-5xgw-wcvj",
            "https://karaf.apache.org/security/cve-2016-8750.txt"
          ],
          "uuid": "2f6708f7-ddcc-4e69-8b8f-8a6a5f865bf1"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.0.8",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2016-8750"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-90"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://karaf.apache.org/security/cve-2016-8750.txt",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
            },
            {
              "name": "103098",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/103098"
            },
            {
              "name": "RHSA-2018:1322",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:1322"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-04-26T13:16Z",
      "publishedDate": "2018-02-19T15:29Z"
    }
  }
}
  cnvd-2018-06703
Vulnerability from cnvd
Title
Apache Karaf LDAP injection vulnerability
Description
Apache Karaf is an open-source OSGi-based runtime environment.
Versions of Apache Karaf prior to 4.0.8 authenticate users to a directory via LDAP using the LDAPLoginModule. The implementation has a security flaw that, when successfully exploited, allows LDAP injection attacks leading to a denial of service.
Severity
Medium
      Patch Name
Patch for the Apache Karaf LDAP injection vulnerability
Patch Description
Apache Karaf is an open-source OSGi-based runtime environment.
Versions of Apache Karaf prior to 4.0.8 authenticate users to a directory via LDAP using the LDAPLoginModule. The implementation has a security flaw that, when successfully exploited, allows LDAP injection attacks leading to a denial of service. The vendor has released a security advisory and related patch information that fix this vulnerability.
Formal description
The vendor has released an upgrade patch to fix this security issue; download it from the vendor's homepage: https://karaf.apache.org/security/cve-2016-8750.txt
Reference
https://nvd.nist.gov/vuln/detail/CVE-2016-8750
Impacted products
| Name |
|---|
| Apache Karaf < 4.0.8 |
{
  "bids": {
    "bid": {
      "bidNumber": "103098"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-8750",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8750"
    }
  },
  "description": "Apache Karaf\u662f\u5f00\u6e90\u7684\u57fa\u4e8eOSGi\u7684\u8fd0\u884c\u73af\u5883\u3002\r\n\r\nApache Karaf 4.0.8\u4e4b\u524d\u7248\u672c\u901a\u8fc7LDAPLoginModule\u9a8c\u8bc1\u7528\u6237\u901a\u8fc7LDAP\u8fdb\u884c\u76ee\u5f55\u8bbf\u95ee\uff0c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u540e\u53ef\u5bfc\u81f4LDAP\u6ce8\u5165\u653b\u51fb\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Colm O hEigeartaigh of Talend.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://karaf.apache.org/security/cve-2016-8750.txt",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-06703",
  "openTime": "2018-03-29",
  "patchDescription": "Apache Karaf\u662f\u5f00\u6e90\u7684\u57fa\u4e8eOSGi\u7684\u8fd0\u884c\u73af\u5883\u3002\r\n\r\nApache Karaf 4.0.8\u4e4b\u524d\u7248\u672c\u901a\u8fc7LDAPLoginModule\u9a8c\u8bc1\u7528\u6237\u901a\u8fc7LDAP\u8fdb\u884c\u76ee\u5f55\u8bbf\u95ee\uff0c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u540e\u53ef\u5bfc\u81f4LDAP\u6ce8\u5165\u653b\u51fb\uff0c\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Karaf LDAP\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Karaf \u003c 4.0.8"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750",
  "serverity": "\u4e2d",
  "submitTime": "2018-03-08",
  "title": "Apache Karaf LDAP\u6ce8\u5165\u6f0f\u6d1e"
}
  fkie_cve-2016-8750
Vulnerability from fkie_nvd
Published
2018-02-19 15:29
    Modified
2024-11-21 02:59
Summary
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
    References
| Source | URL | Tags |
|---|---|---|
| security@apache.org | http://www.securityfocus.com/bid/103098 | Third Party Advisory, VDB Entry |
| security@apache.org | https://access.redhat.com/errata/RHSA-2018:1322 | Third Party Advisory |
| security@apache.org | https://karaf.apache.org/security/cve-2016-8750.txt | Patch, Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103098 | Third Party Advisory, VDB Entry |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:1322 | Third Party Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | https://karaf.apache.org/security/cve-2016-8750.txt | Patch, Vendor Advisory |
{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "990D05D0-F472-4516-9C4B-3E743BFB4956",
              "versionEndExcluding": "4.0.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."
    },
    {
      "lang": "es",
      "value": "Apache Karaf en versiones anteriores a la 4.0.8 utilizaba LDAPLoginModule para autenticar a los usuarios en un directorio mediante LDAP. Sin embargo, no cifraba los nombres de usuario correctamente y, por lo tanto, era vulnerable a ataques de inyecci\u00f3n LDAP, lo que conduc\u00eda a una denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2016-8750",
  "lastModified": "2024-11-21T02:59:59.623",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-19T15:29:00.207",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103098"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1322"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2018:1322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-90"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}
  ghsa-chj8-5xgw-wcvj
Vulnerability from github
Published
2019-01-07 19:14
    Modified
2021-09-09 18:04
Summary
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf
Details
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encode usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.karaf:apache-karaf"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.0.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2016-8750"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-90"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:31:46Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.",
  "id": "GHSA-chj8-5xgw-wcvj",
  "modified": "2021-09-09T18:04:45Z",
  "published": "2019-01-07T19:14:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8750"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2018:1322"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-chj8-5xgw-wcvj"
    },
    {
      "type": "WEB",
      "url": "https://karaf.apache.org/security/cve-2016-8750.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/103098"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moderate severity vulnerability that affects org.apache.karaf:apache-karaf"
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.