cnvd - cnvd-2016-02167

cnvd-2016-02167

Vulnerability from cnvd

Title: Apache Jetspeed User Manager未授权操作漏洞

Description:

Apache Jetspeed是美国阿帕奇（Apache）软件基金会的一套使用Java和XML开发的开放门户平台和企业信息门户网站。User Manager service是其中的一个用户管理服务。

Apache Jetspeed 2.3.1之前版本的User Manager服务中存在未授权操作漏洞，该漏洞源于程序未能正确限制使用Jetspeed Security的访问权限。远程攻击者可借助REST API利用该漏洞添加、编辑或删除用户。

Severity: 中

Patch Name: Apache Jetspeed User Manager未授权操作漏洞的补丁

Patch Description:

Apache Jetspeed 2.3.1之前版本的User Manager服务中存在未授权操作漏洞，该漏洞源于程序未能正确限制使用Jetspeed Security的访问权限。远程攻击者可借助REST API利用该漏洞添加、编辑或删除用户。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171

Reference: http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171 http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E

Impacted products

Name
Apache Jetspeed <2.3.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-2171"
    }
  },
  "description": "Apache Jetspeed\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u4f7f\u7528Java\u548cXML\u5f00\u53d1\u7684\u5f00\u653e\u95e8\u6237\u5e73\u53f0\u548c\u4f01\u4e1a\u4fe1\u606f\u95e8\u6237\u7f51\u7ad9\u3002User Manager service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u6237\u7ba1\u7406\u670d\u52a1\u3002\r\n\r\nApache Jetspeed 2.3.1\u4e4b\u524d\u7248\u672c\u7684User Manager\u670d\u52a1\u4e2d\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9650\u5236\u4f7f\u7528Jetspeed Security\u7684\u8bbf\u95ee\u6743\u9650\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9REST API\u5229\u7528\u8be5\u6f0f\u6d1e\u6dfb\u52a0\u3001\u7f16\u8f91\u6216\u5220\u9664\u7528\u6237\u3002",
  "discovererName": "Andreas Lindh",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-02167",
  "openTime": "2016-04-13",
  "patchDescription": "Apache Jetspeed\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u4f7f\u7528Java\u548cXML\u5f00\u53d1\u7684\u5f00\u653e\u95e8\u6237\u5e73\u53f0\u548c\u4f01\u4e1a\u4fe1\u606f\u95e8\u6237\u7f51\u7ad9\u3002User Manager service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u6237\u7ba1\u7406\u670d\u52a1\u3002\r\n\r\nApache Jetspeed 2.3.1\u4e4b\u524d\u7248\u672c\u7684User Manager\u670d\u52a1\u4e2d\u5b58\u5728\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u9650\u5236\u4f7f\u7528Jetspeed Security\u7684\u8bbf\u95ee\u6743\u9650\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9REST API\u5229\u7528\u8be5\u6f0f\u6d1e\u6dfb\u52a0\u3001\u7f16\u8f91\u6216\u5220\u9664\u7528\u6237\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Jetspeed User Manager\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Jetspeed \u003c2.3.1"
  },
  "referenceLink": "http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and\r\nhttps://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171\r\nhttp://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E",
  "serverity": "\u4e2d",
  "submitTime": "2016-04-12",
  "title": "Apache Jetspeed User Manager\u672a\u6388\u6743\u64cd\u4f5c\u6f0f\u6d1e"
}

CVE-2016-2171 (GCVE-0-2016-2171)

Vulnerability from cvelistv5

Published

2016-04-11 14:00

Modified

2024-08-05 23:17

Severity ?

CWE

Summary

The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the REST API.

References

▼	URL	Tags
	https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171	x_refsource_CONFIRM
	http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E	mailing-list, x_refsource_MLIST
	http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:17:50.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171"
          },
          {
            "name": "[portals-jetspeed-user] 20160329 [CVE-2016-2171] Jetspeed User Manager REST service not restricted by Jetspeed Security",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the REST API."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-04-11T13:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171"
        },
        {
          "name": "[portals-jetspeed-user] 20160329 [CVE-2016-2171] Jetspeed User Manager REST service not restricted by Jetspeed Security",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-2171",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the REST API."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171",
              "refsource": "CONFIRM",
              "url": "https://portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-2171"
            },
            {
              "name": "[portals-jetspeed-user] 20160329 [CVE-2016-2171] Jetspeed User Manager REST service not restricted by Jetspeed Security",
              "refsource": "MLIST",
              "url": "http://mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%3CB9165E38-F3D8-496D-8642-8A53FCAC736A%40gmail.com%3E"
            },
            {
              "name": "http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and",
              "refsource": "MISC",
              "url": "http://haxx.ml/post/140552592371/remote-code-execution-in-apache-jetspeed-230-and"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-2171",
    "datePublished": "2016-04-11T14:00:00",
    "dateReserved": "2016-01-29T00:00:00",
    "dateUpdated": "2024-08-05T23:17:50.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted