Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2013-0218
Vulnerability from cvelistv5
Published
2013-02-05 23:11
Modified
2024-08-06 14:18
Severity ?
EPSS score ?
Summary
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T14:18:09.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2013:0206", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { name: "89698", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/89698", }, { name: "52041", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/52041", }, { name: "RHSA-2013:0833", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { name: "RHSA-2013:0207", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { name: "jboss-eap-info-disc(81725)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, { name: "57652", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/57652", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-01-30T00:00:00", descriptions: [ { lang: "en", value: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2013:0206", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { name: "89698", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/89698", }, { name: "52041", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/52041", }, { name: "RHSA-2013:0833", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { name: "RHSA-2013:0207", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { name: "jboss-eap-info-disc(81725)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, { name: "57652", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/57652", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-0218", datePublished: "2013-02-05T23:11:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T14:18:09.547Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2013-0218\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-02-05T23:55:01.897\",\"lastModified\":\"2024-11-21T01:47:05.327\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.\"},{\"lang\":\"es\",\"value\":\"El instalador GUI en JBoss Enterprise Application Platform (EAP) y Enterprise Web Platform (EWP) v5.2.0 y posiblemente v5.1.2 usa permisos de lectura para todos los usuarios en el fichero XML auto-install, lo que permite a usuarios locales obtener el password del administrador mediante la lecutra de dicho fichero.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A785F07-9B76-4153-B676-29C9682B2F73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46849C8D-36E9-4E97-BB49-E04F4EB199E6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C534793-58E0-45B9-84D7-D21E1C4C9F7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38F66D5B-F906-437E-977E-F9F930648886\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0206.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0207.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/52041\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/89698\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/57652\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=903073\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/81725\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0206.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0207.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0833.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/52041\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/89698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/57652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=903073\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/81725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per http://rhn.redhat.com/errata/RHSA-2013-0206.html \\r\\n\\\"An update for JBoss Enterprise Application Platform 5.2.0 which fixes one\\r\\nsecurity issue is now available from the Red Hat Customer Portal.\\\"\\r\\n\\r\\nPer http://rhn.redhat.com/errata/RHSA-2013-0207.html\\r\\n\\\"An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security\\r\\nissue is now available from the Red Hat Customer Portal.\\\"\"}}", }, }
gsd-2013-0218
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
Aliases
Aliases
{ GSD: { alias: "CVE-2013-0218", description: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", id: "GSD-2013-0218", references: [ "https://access.redhat.com/errata/RHSA-2013:0833", "https://access.redhat.com/errata/RHSA-2013:0207", "https://access.redhat.com/errata/RHSA-2013:0206", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2013-0218", ], details: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", id: "GSD-2013-0218", modified: "2023-12-13T01:22:15.295500Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-0218", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_affected: "=", version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", refsource: "MISC", url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { name: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", refsource: "MISC", url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { name: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", refsource: "MISC", url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { name: "http://secunia.com/advisories/52041", refsource: "MISC", url: "http://secunia.com/advisories/52041", }, { name: "http://www.osvdb.org/89698", refsource: "MISC", url: "http://www.osvdb.org/89698", }, { name: "http://www.securityfocus.com/bid/57652", refsource: "MISC", url: "http://www.securityfocus.com/bid/57652", }, { name: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", refsource: "MISC", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2013-0218", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "RHSA-2013:0207", refsource: "REDHAT", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { name: "89698", refsource: "OSVDB", tags: [], url: "http://www.osvdb.org/89698", }, { name: "RHSA-2013:0206", refsource: "REDHAT", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { name: "57652", refsource: "BID", tags: [], url: "http://www.securityfocus.com/bid/57652", }, { name: "52041", refsource: "SECUNIA", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52041", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", refsource: "MISC", tags: [], url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { name: "RHSA-2013:0833", refsource: "REDHAT", tags: [], url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { name: "jboss-eap-info-disc(81725)", refsource: "XF", tags: [], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", userInteractionRequired: false, }, }, lastModifiedDate: "2017-08-29T01:33Z", publishedDate: "2013-02-05T23:55Z", }, }, }
fkie_cve-2013-0218
Vulnerability from fkie_nvd
Published
2013-02-05 23:55
Modified
2024-11-21 01:47
Severity ?
Summary
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | 5.1.2 | |
| redhat | jboss_enterprise_application_platform | 5.2.0 | |
| redhat | jboss_enterprise_web_platform | 5.1.2 | |
| redhat | jboss_enterprise_web_platform | 5.2.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "8A785F07-9B76-4153-B676-29C9682B2F73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.2.0:*:*:*:*:*:*:*", matchCriteriaId: "46849C8D-36E9-4E97-BB49-E04F4EB199E6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "4C534793-58E0-45B9-84D7-D21E1C4C9F7B", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_platform:5.2.0:*:*:*:*:*:*:*", matchCriteriaId: "38F66D5B-F906-437E-977E-F9F930648886", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", }, { lang: "es", value: "El instalador GUI en JBoss Enterprise Application Platform (EAP) y Enterprise Web Platform (EWP) v5.2.0 y posiblemente v5.1.2 usa permisos de lectura para todos los usuarios en el fichero XML auto-install, lo que permite a usuarios locales obtener el password del administrador mediante la lecutra de dicho fichero.", }, ], evaluatorComment: "Per http://rhn.redhat.com/errata/RHSA-2013-0206.html \r\n\"An update for JBoss Enterprise Application Platform 5.2.0 which fixes one\r\nsecurity issue is now available from the Red Hat Customer Portal.\"\r\n\r\nPer http://rhn.redhat.com/errata/RHSA-2013-0207.html\r\n\"An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security\r\nissue is now available from the Red Hat Customer Portal.\"", id: "CVE-2013-0218", lastModified: "2024-11-21T01:47:05.327", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-02-05T23:55:01.897", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { source: "secalert@redhat.com", url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52041", }, { source: "secalert@redhat.com", url: "http://www.osvdb.org/89698", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/57652", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/52041", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/89698", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/57652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
RHSA-2013:0207
Vulnerability from csaf_redhat
Published
2013-01-30 20:57
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security
issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
The Enterprise Web Platform is a slimmed down profile of the JBoss
Enterprise Application Platform intended for mid-size workloads with light
and rich Java applications.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Web Platform administrator password and the
sucker password for the selected messaging system in plain text. A local
user able to access the directory where the GUI installer for JBoss
Enterprise Web Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Web Platform instance.
(CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0
are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security\nissue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "The Enterprise Web Platform is a slimmed down profile of the JBoss\nEnterprise Application Platform intended for mid-size workloads with light\nand rich Java applications.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Web Platform administrator password and the\nsucker password for the selected messaging system in plain text. A local\nuser able to access the directory where the GUI installer for JBoss\nEnterprise Web Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Web Platform instance.\n(CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0\nare advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0207", url: "https://access.redhat.com/errata/RHSA-2013:0207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0207.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:12+00:00", generator: { date: "2024-11-22T06:23:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0207", initial_release_date: "2013-01-30T20:57:00+00:00", revision_history: [ { date: "2013-01-30T20:57:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Platform 5.2", product: { name: "Red Hat JBoss Web Platform 5.2", product_id: "Red Hat JBoss Web Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:57:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Web Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0207", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
rhsa-2013_0207
Vulnerability from csaf_redhat
Published
2013-01-30 20:57
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security
issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
The Enterprise Web Platform is a slimmed down profile of the JBoss
Enterprise Application Platform intended for mid-size workloads with light
and rich Java applications.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Web Platform administrator password and the
sucker password for the selected messaging system in plain text. A local
user able to access the directory where the GUI installer for JBoss
Enterprise Web Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Web Platform instance.
(CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0
are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security\nissue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "The Enterprise Web Platform is a slimmed down profile of the JBoss\nEnterprise Application Platform intended for mid-size workloads with light\nand rich Java applications.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Web Platform administrator password and the\nsucker password for the selected messaging system in plain text. A local\nuser able to access the directory where the GUI installer for JBoss\nEnterprise Web Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Web Platform instance.\n(CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0\nare advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0207", url: "https://access.redhat.com/errata/RHSA-2013:0207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0207.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:12+00:00", generator: { date: "2024-11-22T06:23:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0207", initial_release_date: "2013-01-30T20:57:00+00:00", revision_history: [ { date: "2013-01-30T20:57:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Platform 5.2", product: { name: "Red Hat JBoss Web Platform 5.2", product_id: "Red Hat JBoss Web Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:57:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Web Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0207", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
rhsa-2013:0206
Vulnerability from csaf_redhat
Published
2013-01-30 20:56
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Application Platform 5.2.0 which fixes one
security issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
JBoss Enterprise Application Platform is a platform for Java applications,
which integrates the JBoss Application Server with JBoss Hibernate and
JBoss Seam.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer for JBoss
Enterprise Application Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Application Platform
instance. (CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Application Platform
5.2.0 are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Application Platform 5.2.0 which fixes one\nsecurity issue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform is a platform for Java applications,\nwhich integrates the JBoss Application Server with JBoss Hibernate and\nJBoss Seam.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer for JBoss\nEnterprise Application Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Application Platform\ninstance. (CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Application Platform\n5.2.0 are advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0206", url: "https://access.redhat.com/errata/RHSA-2013:0206", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0206.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:08+00:00", generator: { date: "2024-11-22T06:23:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0206", initial_release_date: "2013-01-30T20:56:00+00:00", revision_history: [ { date: "2013-01-30T20:56:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:06+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 5.2", product: { name: "Red Hat JBoss Enterprise Application Platform 5.2", product_id: "Red Hat JBoss Enterprise Application Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:56:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0206", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
rhsa-2013_0833
Vulnerability from csaf_redhat
Published
2013-05-20 14:27
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update
Notes
Topic
JBoss Enterprise Application Platform 6.1.0, which fixes multiple security
issues, various bugs, and adds enhancements, is now available from the Red
Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
JBoss Enterprise Application Platform 6 is a platform for Java applications
based on JBoss Application Server 7.
This release serves as a replacement for JBoss Enterprise Application
Platform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0
Release Notes for information on the most significant of these changes,
available shortly from https://access.redhat.com/site/documentation/
Security fixes:
XML encryption backwards compatibility attacks were found against various
frameworks, including Apache CXF. An attacker could force a server to use
insecure, legacy cryptosystems, even when secure cryptosystems were enabled
on endpoints. By forcing the use of legacy cryptosystems, flaws such as
CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be
recovered from cryptograms and symmetric keys. (CVE-2012-5575)
Note: Automatic checks to prevent CVE-2012-5575 are only run when
WS-SecurityPolicy is used to enforce security requirements. It is best
practice to use WS-SecurityPolicy to enforce security requirements.
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
When applications running on JBoss Web used the COOKIE session tracking
method, the org.apache.catalina.connector.Response.encodeURL() method
returned the URL with the jsessionid appended as a query string parameter
when processing the first request of a session. An attacker could possibly
exploit this flaw by performing a man-in-the-middle attack to obtain a
user's jsessionid and hijack their session, or by extracting the jsessionid
from log files. Note that no session tracking method is used by default,
one must be configured. (CVE-2012-4529)
If multiple applications used the same custom authorization module class
name, and provided their own implementations of it, the first application
to be loaded will have its implementation used for all other applications
using the same custom authorization module class name. A local attacker
could use this flaw to deploy a malicious application that provides
implementations of custom authorization modules that permit or deny user
access according to rules supplied by the attacker. (CVE-2012-4572)
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer was run
could use this flaw to gain administrative access to the JBoss Enterprise
Application Platform instance. (CVE-2013-0218)
Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj
Somorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP
Quality Engineering team, and CVE-2013-0218 was discovered by Arun
Neelicattu of the Red Hat Security Response Team.
Warning: Before applying this update, back up your existing JBoss
Enterprise Application Platform installation and deployed applications.
Users of JBoss Enterprise Application Platform 6.0.1 as provided from the
Red Hat Customer Portal are advised to upgrade to JBoss Enterprise
Application Platform 6.1.0.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Application Platform 6.1.0, which fixes multiple security\nissues, various bugs, and adds enhancements, is now available from the Red\nHat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform 6 is a platform for Java applications\nbased on JBoss Application Server 7.\n\nThis release serves as a replacement for JBoss Enterprise Application\nPlatform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements. It is best\npractice to use WS-SecurityPolicy to enforce security requirements.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWhen applications running on JBoss Web used the COOKIE session tracking\nmethod, the org.apache.catalina.connector.Response.encodeURL() method\nreturned the URL with the jsessionid appended as a query string parameter\nwhen processing the first request of a session. An attacker could possibly\nexploit this flaw by performing a man-in-the-middle attack to obtain a\nuser's jsessionid and hijack their session, or by extracting the jsessionid\nfrom log files. Note that no session tracking method is used by default,\none must be configured. (CVE-2012-4529)\n\nIf multiple applications used the same custom authorization module class\nname, and provided their own implementations of it, the first application\nto be loaded will have its implementation used for all other applications\nusing the same custom authorization module class name. A local attacker\ncould use this flaw to deploy a malicious application that provides\nimplementations of custom authorization modules that permit or deny user\naccess according to rules supplied by the attacker. (CVE-2012-4572)\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer was run\ncould use this flaw to gain administrative access to the JBoss Enterprise\nApplication Platform instance. (CVE-2013-0218)\n\nRed Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.\nCVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP\nQuality Engineering team, and CVE-2013-0218 was discovered by Arun\nNeelicattu of the Red Hat Security Response Team.\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nUsers of JBoss Enterprise Application Platform 6.0.1 as provided from the\nRed Hat Customer Portal are advised to upgrade to JBoss Enterprise\nApplication Platform 6.1.0.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0833", url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/site/documentation/", url: "https://access.redhat.com/site/documentation/", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0833.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update", tracking: { current_release_date: "2024-11-22T06:40:57+00:00", generator: { date: "2024-11-22T06:40:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0833", initial_release_date: "2013-05-20T14:27:00+00:00", revision_history: [ { date: "2013-05-20T14:27:00+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T12:44:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:40:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.1", product: { name: "Red Hat JBoss Enterprise Application Platform 6.1", product_id: "Red Hat JBoss Enterprise Application Platform 6.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2012-4529", discovery_date: "2012-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "868202", }, ], notes: [ { category: "description", text: "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.", title: "Vulnerability description", }, { category: "summary", text: "Web: jsessionid exposed via encoded url when using cookie based session tracking", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4529", }, { category: "external", summary: "RHBZ#868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4529", url: "https://www.cve.org/CVERecord?id=CVE-2012-4529", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", }, ], release_date: "2012-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Web: jsessionid exposed via encoded url when using cookie based session tracking", }, { acknowledgments: [ { names: [ "Josef Cacek", ], organization: "Red Hat JBoss EAP Quality Engineering team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4572", discovery_date: "2012-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "872059", }, ], notes: [ { category: "description", text: "Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.", title: "Vulnerability description", }, { category: "summary", text: "JBoss: custom authorization module implementations shared between applications", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4572", }, { category: "external", summary: "RHBZ#872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4572", url: "https://www.cve.org/CVERecord?id=CVE-2012-4572", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", }, ], release_date: "2013-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "JBoss: custom authorization module implementations shared between applications", }, { acknowledgments: [ { names: [ "Tibor Jager", "Kenneth G. Paterson", "Juraj Somorovsky", ], organization: "Ruhr-University Bochum", }, ], cve: "CVE-2012-5575", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, discovery_date: "2012-11-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "880443", }, ], notes: [ { category: "description", text: "Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"", title: "Vulnerability description", }, { category: "summary", text: "apache-cxf: XML encryption backwards compatibility attacks", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-5575", }, { category: "external", summary: "RHBZ#880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-5575", url: "https://www.cve.org/CVERecord?id=CVE-2012-5575", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", url: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", }, ], release_date: "2013-03-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-cxf: XML encryption backwards compatibility attacks", }, { cve: "CVE-2013-0166", discovery_date: "2013-02-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "908052", }, ], notes: [ { category: "description", text: "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", title: "Vulnerability description", }, { category: "summary", text: "openssl: DoS due to improper handling of OCSP response verification", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0166", }, { category: "external", summary: "RHBZ#908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0166", url: "https://www.cve.org/CVERecord?id=CVE-2013-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, ], release_date: "2013-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: DoS due to improper handling of OCSP response verification", }, { cve: "CVE-2013-0169", discovery_date: "2013-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "907589", }, ], notes: [ { category: "description", text: "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", title: "Vulnerability description", }, { category: "summary", text: "SSL/TLS: CBC padding timing attack (lucky-13)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0169", }, { category: "external", summary: "RHBZ#907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0169", url: "https://www.cve.org/CVERecord?id=CVE-2013-0169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", }, { category: "external", summary: "http://www.isg.rhul.ac.uk/tls/", url: "http://www.isg.rhul.ac.uk/tls/", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, { category: "external", summary: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", url: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", }, ], release_date: "2013-02-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "workaround", details: "On OpenShift Container Platform 3.11 it's possible to edit the list of cipher suites offered by the router when performing 'edge', or 're-encrypt' TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In 'passthrough' mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "SSL/TLS: CBC padding timing attack (lucky-13)", }, { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, { cve: "CVE-2013-2067", cwe: { id: "CWE-384", name: "Session Fixation", }, discovery_date: "2013-05-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "961779", }, ], notes: [ { category: "description", text: "java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation in form authenticator", title: "Vulnerability summary", }, { category: "other", text: "This flaw allows an attacker to circumvent a session fixation prevention mechanism which was implemented in tomcat 5.5.x >= 5.5.29, 6.0.x >= 6.0.21 and 7.x. Earlier versions of tomcat do not include this mechanism, and are therefore not affected by this flaw. JBoss Web as included in JBoss 5.x products also does not include this mechanism, and is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-2067", }, { category: "external", summary: "RHBZ#961779", url: "https://bugzilla.redhat.com/show_bug.cgi?id=961779", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-2067", url: "https://www.cve.org/CVERecord?id=CVE-2013-2067", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", }, ], release_date: "2013-05-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Session fixation in form authenticator", }, ], }
rhsa-2013:0833
Vulnerability from csaf_redhat
Published
2013-05-20 14:27
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update
Notes
Topic
JBoss Enterprise Application Platform 6.1.0, which fixes multiple security
issues, various bugs, and adds enhancements, is now available from the Red
Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
JBoss Enterprise Application Platform 6 is a platform for Java applications
based on JBoss Application Server 7.
This release serves as a replacement for JBoss Enterprise Application
Platform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0
Release Notes for information on the most significant of these changes,
available shortly from https://access.redhat.com/site/documentation/
Security fixes:
XML encryption backwards compatibility attacks were found against various
frameworks, including Apache CXF. An attacker could force a server to use
insecure, legacy cryptosystems, even when secure cryptosystems were enabled
on endpoints. By forcing the use of legacy cryptosystems, flaws such as
CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be
recovered from cryptograms and symmetric keys. (CVE-2012-5575)
Note: Automatic checks to prevent CVE-2012-5575 are only run when
WS-SecurityPolicy is used to enforce security requirements. It is best
practice to use WS-SecurityPolicy to enforce security requirements.
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
When applications running on JBoss Web used the COOKIE session tracking
method, the org.apache.catalina.connector.Response.encodeURL() method
returned the URL with the jsessionid appended as a query string parameter
when processing the first request of a session. An attacker could possibly
exploit this flaw by performing a man-in-the-middle attack to obtain a
user's jsessionid and hijack their session, or by extracting the jsessionid
from log files. Note that no session tracking method is used by default,
one must be configured. (CVE-2012-4529)
If multiple applications used the same custom authorization module class
name, and provided their own implementations of it, the first application
to be loaded will have its implementation used for all other applications
using the same custom authorization module class name. A local attacker
could use this flaw to deploy a malicious application that provides
implementations of custom authorization modules that permit or deny user
access according to rules supplied by the attacker. (CVE-2012-4572)
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer was run
could use this flaw to gain administrative access to the JBoss Enterprise
Application Platform instance. (CVE-2013-0218)
Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj
Somorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP
Quality Engineering team, and CVE-2013-0218 was discovered by Arun
Neelicattu of the Red Hat Security Response Team.
Warning: Before applying this update, back up your existing JBoss
Enterprise Application Platform installation and deployed applications.
Users of JBoss Enterprise Application Platform 6.0.1 as provided from the
Red Hat Customer Portal are advised to upgrade to JBoss Enterprise
Application Platform 6.1.0.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Application Platform 6.1.0, which fixes multiple security\nissues, various bugs, and adds enhancements, is now available from the Red\nHat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform 6 is a platform for Java applications\nbased on JBoss Application Server 7.\n\nThis release serves as a replacement for JBoss Enterprise Application\nPlatform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements. It is best\npractice to use WS-SecurityPolicy to enforce security requirements.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWhen applications running on JBoss Web used the COOKIE session tracking\nmethod, the org.apache.catalina.connector.Response.encodeURL() method\nreturned the URL with the jsessionid appended as a query string parameter\nwhen processing the first request of a session. An attacker could possibly\nexploit this flaw by performing a man-in-the-middle attack to obtain a\nuser's jsessionid and hijack their session, or by extracting the jsessionid\nfrom log files. Note that no session tracking method is used by default,\none must be configured. (CVE-2012-4529)\n\nIf multiple applications used the same custom authorization module class\nname, and provided their own implementations of it, the first application\nto be loaded will have its implementation used for all other applications\nusing the same custom authorization module class name. A local attacker\ncould use this flaw to deploy a malicious application that provides\nimplementations of custom authorization modules that permit or deny user\naccess according to rules supplied by the attacker. (CVE-2012-4572)\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer was run\ncould use this flaw to gain administrative access to the JBoss Enterprise\nApplication Platform instance. (CVE-2013-0218)\n\nRed Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.\nCVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP\nQuality Engineering team, and CVE-2013-0218 was discovered by Arun\nNeelicattu of the Red Hat Security Response Team.\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nUsers of JBoss Enterprise Application Platform 6.0.1 as provided from the\nRed Hat Customer Portal are advised to upgrade to JBoss Enterprise\nApplication Platform 6.1.0.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0833", url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/site/documentation/", url: "https://access.redhat.com/site/documentation/", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0833.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update", tracking: { current_release_date: "2024-11-22T06:40:57+00:00", generator: { date: "2024-11-22T06:40:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0833", initial_release_date: "2013-05-20T14:27:00+00:00", revision_history: [ { date: "2013-05-20T14:27:00+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T12:44:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:40:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.1", product: { name: "Red Hat JBoss Enterprise Application Platform 6.1", product_id: "Red Hat JBoss Enterprise Application Platform 6.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2012-4529", discovery_date: "2012-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "868202", }, ], notes: [ { category: "description", text: "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.", title: "Vulnerability description", }, { category: "summary", text: "Web: jsessionid exposed via encoded url when using cookie based session tracking", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4529", }, { category: "external", summary: "RHBZ#868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4529", url: "https://www.cve.org/CVERecord?id=CVE-2012-4529", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", }, ], release_date: "2012-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Web: jsessionid exposed via encoded url when using cookie based session tracking", }, { acknowledgments: [ { names: [ "Josef Cacek", ], organization: "Red Hat JBoss EAP Quality Engineering team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4572", discovery_date: "2012-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "872059", }, ], notes: [ { category: "description", text: "Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.", title: "Vulnerability description", }, { category: "summary", text: "JBoss: custom authorization module implementations shared between applications", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4572", }, { category: "external", summary: "RHBZ#872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4572", url: "https://www.cve.org/CVERecord?id=CVE-2012-4572", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", }, ], release_date: "2013-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "JBoss: custom authorization module implementations shared between applications", }, { acknowledgments: [ { names: [ "Tibor Jager", "Kenneth G. Paterson", "Juraj Somorovsky", ], organization: "Ruhr-University Bochum", }, ], cve: "CVE-2012-5575", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, discovery_date: "2012-11-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "880443", }, ], notes: [ { category: "description", text: "Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"", title: "Vulnerability description", }, { category: "summary", text: "apache-cxf: XML encryption backwards compatibility attacks", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-5575", }, { category: "external", summary: "RHBZ#880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-5575", url: "https://www.cve.org/CVERecord?id=CVE-2012-5575", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", url: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", }, ], release_date: "2013-03-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-cxf: XML encryption backwards compatibility attacks", }, { cve: "CVE-2013-0166", discovery_date: "2013-02-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "908052", }, ], notes: [ { category: "description", text: "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", title: "Vulnerability description", }, { category: "summary", text: "openssl: DoS due to improper handling of OCSP response verification", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0166", }, { category: "external", summary: "RHBZ#908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0166", url: "https://www.cve.org/CVERecord?id=CVE-2013-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, ], release_date: "2013-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: DoS due to improper handling of OCSP response verification", }, { cve: "CVE-2013-0169", discovery_date: "2013-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "907589", }, ], notes: [ { category: "description", text: "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", title: "Vulnerability description", }, { category: "summary", text: "SSL/TLS: CBC padding timing attack (lucky-13)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0169", }, { category: "external", summary: "RHBZ#907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0169", url: "https://www.cve.org/CVERecord?id=CVE-2013-0169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", }, { category: "external", summary: "http://www.isg.rhul.ac.uk/tls/", url: "http://www.isg.rhul.ac.uk/tls/", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, { category: "external", summary: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", url: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", }, ], release_date: "2013-02-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "workaround", details: "On OpenShift Container Platform 3.11 it's possible to edit the list of cipher suites offered by the router when performing 'edge', or 're-encrypt' TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In 'passthrough' mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "SSL/TLS: CBC padding timing attack (lucky-13)", }, { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, { cve: "CVE-2013-2067", cwe: { id: "CWE-384", name: "Session Fixation", }, discovery_date: "2013-05-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "961779", }, ], notes: [ { category: "description", text: "java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation in form authenticator", title: "Vulnerability summary", }, { category: "other", text: "This flaw allows an attacker to circumvent a session fixation prevention mechanism which was implemented in tomcat 5.5.x >= 5.5.29, 6.0.x >= 6.0.21 and 7.x. Earlier versions of tomcat do not include this mechanism, and are therefore not affected by this flaw. JBoss Web as included in JBoss 5.x products also does not include this mechanism, and is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-2067", }, { category: "external", summary: "RHBZ#961779", url: "https://bugzilla.redhat.com/show_bug.cgi?id=961779", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-2067", url: "https://www.cve.org/CVERecord?id=CVE-2013-2067", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", }, ], release_date: "2013-05-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Session fixation in form authenticator", }, ], }
RHSA-2013:0206
Vulnerability from csaf_redhat
Published
2013-01-30 20:56
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Application Platform 5.2.0 which fixes one
security issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
JBoss Enterprise Application Platform is a platform for Java applications,
which integrates the JBoss Application Server with JBoss Hibernate and
JBoss Seam.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer for JBoss
Enterprise Application Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Application Platform
instance. (CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Application Platform
5.2.0 are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Application Platform 5.2.0 which fixes one\nsecurity issue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform is a platform for Java applications,\nwhich integrates the JBoss Application Server with JBoss Hibernate and\nJBoss Seam.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer for JBoss\nEnterprise Application Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Application Platform\ninstance. (CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Application Platform\n5.2.0 are advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0206", url: "https://access.redhat.com/errata/RHSA-2013:0206", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0206.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:08+00:00", generator: { date: "2024-11-22T06:23:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0206", initial_release_date: "2013-01-30T20:56:00+00:00", revision_history: [ { date: "2013-01-30T20:56:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:06+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 5.2", product: { name: "Red Hat JBoss Enterprise Application Platform 5.2", product_id: "Red Hat JBoss Enterprise Application Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:56:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0206", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
RHSA-2013:0833
Vulnerability from csaf_redhat
Published
2013-05-20 14:27
Modified
2024-11-22 06:40
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update
Notes
Topic
JBoss Enterprise Application Platform 6.1.0, which fixes multiple security
issues, various bugs, and adds enhancements, is now available from the Red
Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
JBoss Enterprise Application Platform 6 is a platform for Java applications
based on JBoss Application Server 7.
This release serves as a replacement for JBoss Enterprise Application
Platform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0
Release Notes for information on the most significant of these changes,
available shortly from https://access.redhat.com/site/documentation/
Security fixes:
XML encryption backwards compatibility attacks were found against various
frameworks, including Apache CXF. An attacker could force a server to use
insecure, legacy cryptosystems, even when secure cryptosystems were enabled
on endpoints. By forcing the use of legacy cryptosystems, flaws such as
CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be
recovered from cryptograms and symmetric keys. (CVE-2012-5575)
Note: Automatic checks to prevent CVE-2012-5575 are only run when
WS-SecurityPolicy is used to enforce security requirements. It is best
practice to use WS-SecurityPolicy to enforce security requirements.
A NULL pointer dereference flaw was found in the OCSP response verification
in OpenSSL. A malicious OCSP server could use this flaw to crash
applications performing OCSP verification by sending a specially-crafted
response. (CVE-2013-0166)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
When applications running on JBoss Web used the COOKIE session tracking
method, the org.apache.catalina.connector.Response.encodeURL() method
returned the URL with the jsessionid appended as a query string parameter
when processing the first request of a session. An attacker could possibly
exploit this flaw by performing a man-in-the-middle attack to obtain a
user's jsessionid and hijack their session, or by extracting the jsessionid
from log files. Note that no session tracking method is used by default,
one must be configured. (CVE-2012-4529)
If multiple applications used the same custom authorization module class
name, and provided their own implementations of it, the first application
to be loaded will have its implementation used for all other applications
using the same custom authorization module class name. A local attacker
could use this flaw to deploy a malicious application that provides
implementations of custom authorization modules that permit or deny user
access according to rules supplied by the attacker. (CVE-2012-4572)
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer was run
could use this flaw to gain administrative access to the JBoss Enterprise
Application Platform instance. (CVE-2013-0218)
Red Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj
Somorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.
CVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP
Quality Engineering team, and CVE-2013-0218 was discovered by Arun
Neelicattu of the Red Hat Security Response Team.
Warning: Before applying this update, back up your existing JBoss
Enterprise Application Platform installation and deployed applications.
Users of JBoss Enterprise Application Platform 6.0.1 as provided from the
Red Hat Customer Portal are advised to upgrade to JBoss Enterprise
Application Platform 6.1.0.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "JBoss Enterprise Application Platform 6.1.0, which fixes multiple security\nissues, various bugs, and adds enhancements, is now available from the Red\nHat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform 6 is a platform for Java applications\nbased on JBoss Application Server 7.\n\nThis release serves as a replacement for JBoss Enterprise Application\nPlatform 6.0.1, and includes bug fixes and enhancements. Refer to the 6.1.0\nRelease Notes for information on the most significant of these changes,\navailable shortly from https://access.redhat.com/site/documentation/\n\nSecurity fixes:\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements. It is best\npractice to use WS-SecurityPolicy to enforce security requirements.\n\nA NULL pointer dereference flaw was found in the OCSP response verification\nin OpenSSL. A malicious OCSP server could use this flaw to crash\napplications performing OCSP verification by sending a specially-crafted\nresponse. (CVE-2013-0166)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nWhen applications running on JBoss Web used the COOKIE session tracking\nmethod, the org.apache.catalina.connector.Response.encodeURL() method\nreturned the URL with the jsessionid appended as a query string parameter\nwhen processing the first request of a session. An attacker could possibly\nexploit this flaw by performing a man-in-the-middle attack to obtain a\nuser's jsessionid and hijack their session, or by extracting the jsessionid\nfrom log files. Note that no session tracking method is used by default,\none must be configured. (CVE-2012-4529)\n\nIf multiple applications used the same custom authorization module class\nname, and provided their own implementations of it, the first application\nto be loaded will have its implementation used for all other applications\nusing the same custom authorization module class name. A local attacker\ncould use this flaw to deploy a malicious application that provides\nimplementations of custom authorization modules that permit or deny user\naccess according to rules supplied by the attacker. (CVE-2012-4572)\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer was run\ncould use this flaw to gain administrative access to the JBoss Enterprise\nApplication Platform instance. (CVE-2013-0218)\n\nRed Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575.\nCVE-2012-4572 was discovered by Josef Cacek of the Red Hat JBoss EAP\nQuality Engineering team, and CVE-2013-0218 was discovered by Arun\nNeelicattu of the Red Hat Security Response Team.\n\nWarning: Before applying this update, back up your existing JBoss\nEnterprise Application Platform installation and deployed applications.\n\nUsers of JBoss Enterprise Application Platform 6.0.1 as provided from the\nRed Hat Customer Portal are advised to upgrade to JBoss Enterprise\nApplication Platform 6.1.0.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0833", url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/site/documentation/", url: "https://access.redhat.com/site/documentation/", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0833.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 6.1.0 update", tracking: { current_release_date: "2024-11-22T06:40:57+00:00", generator: { date: "2024-11-22T06:40:57+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0833", initial_release_date: "2013-05-20T14:27:00+00:00", revision_history: [ { date: "2013-05-20T14:27:00+00:00", number: "1", summary: "Initial version", }, { date: "2019-02-20T12:44:34+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:40:57+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 6.1", product: { name: "Red Hat JBoss Enterprise Application Platform 6.1", product_id: "Red Hat JBoss Enterprise Application Platform 6.1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:6.1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2012-4529", discovery_date: "2012-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "868202", }, ], notes: [ { category: "description", text: "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log.", title: "Vulnerability description", }, { category: "summary", text: "Web: jsessionid exposed via encoded url when using cookie based session tracking", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4529", }, { category: "external", summary: "RHBZ#868202", url: "https://bugzilla.redhat.com/show_bug.cgi?id=868202", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4529", url: "https://www.cve.org/CVERecord?id=CVE-2012-4529", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4529", }, ], release_date: "2012-10-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Web: jsessionid exposed via encoded url when using cookie based session tracking", }, { acknowledgments: [ { names: [ "Josef Cacek", ], organization: "Red Hat JBoss EAP Quality Engineering team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2012-4572", discovery_date: "2012-10-31T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "872059", }, ], notes: [ { category: "description", text: "Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implementation is already loaded and the modules share class names, which allows local users to control certain applications' authorization decisions via a crafted application.", title: "Vulnerability description", }, { category: "summary", text: "JBoss: custom authorization module implementations shared between applications", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-4572", }, { category: "external", summary: "RHBZ#872059", url: "https://bugzilla.redhat.com/show_bug.cgi?id=872059", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-4572", url: "https://www.cve.org/CVERecord?id=CVE-2012-4572", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-4572", }, ], release_date: "2013-05-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.7, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "JBoss: custom authorization module implementations shared between applications", }, { acknowledgments: [ { names: [ "Tibor Jager", "Kenneth G. Paterson", "Juraj Somorovsky", ], organization: "Ruhr-University Bochum", }, ], cve: "CVE-2012-5575", cwe: { id: "CWE-327", name: "Use of a Broken or Risky Cryptographic Algorithm", }, discovery_date: "2012-11-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "880443", }, ], notes: [ { category: "description", text: "Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka \"XML Encryption backwards compatibility attack.\"", title: "Vulnerability description", }, { category: "summary", text: "apache-cxf: XML encryption backwards compatibility attacks", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2012-5575", }, { category: "external", summary: "RHBZ#880443", url: "https://bugzilla.redhat.com/show_bug.cgi?id=880443", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2012-5575", url: "https://www.cve.org/CVERecord?id=CVE-2012-5575", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", url: "https://nvd.nist.gov/vuln/detail/CVE-2012-5575", }, { category: "external", summary: "http://cxf.apache.org/cve-2012-5575.html", url: "http://cxf.apache.org/cve-2012-5575.html", }, { category: "external", summary: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", url: "http://www.nds.ruhr-uni-bochum.de/research/publications/backwards-compatibility/", }, ], release_date: "2013-03-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-cxf: XML encryption backwards compatibility attacks", }, { cve: "CVE-2013-0166", discovery_date: "2013-02-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "908052", }, ], notes: [ { category: "description", text: "OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.", title: "Vulnerability description", }, { category: "summary", text: "openssl: DoS due to improper handling of OCSP response verification", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0166", }, { category: "external", summary: "RHBZ#908052", url: "https://bugzilla.redhat.com/show_bug.cgi?id=908052", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0166", url: "https://www.cve.org/CVERecord?id=CVE-2013-0166", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0166", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, ], release_date: "2013-02-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssl: DoS due to improper handling of OCSP response verification", }, { cve: "CVE-2013-0169", discovery_date: "2013-02-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "907589", }, ], notes: [ { category: "description", text: "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", title: "Vulnerability description", }, { category: "summary", text: "SSL/TLS: CBC padding timing attack (lucky-13)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0169", }, { category: "external", summary: "RHBZ#907589", url: "https://bugzilla.redhat.com/show_bug.cgi?id=907589", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0169", url: "https://www.cve.org/CVERecord?id=CVE-2013-0169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", }, { category: "external", summary: "http://www.isg.rhul.ac.uk/tls/", url: "http://www.isg.rhul.ac.uk/tls/", }, { category: "external", summary: "http://www.openssl.org/news/secadv_20130205.txt", url: "http://www.openssl.org/news/secadv_20130205.txt", }, { category: "external", summary: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", url: "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", }, ], release_date: "2013-02-04T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, { category: "workaround", details: "On OpenShift Container Platform 3.11 it's possible to edit the list of cipher suites offered by the router when performing 'edge', or 're-encrypt' TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In 'passthrough' mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "SSL/TLS: CBC padding timing attack (lucky-13)", }, { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, { cve: "CVE-2013-2067", cwe: { id: "CWE-384", name: "Session Fixation", }, discovery_date: "2013-05-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "961779", }, ], notes: [ { category: "description", text: "java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.", title: "Vulnerability description", }, { category: "summary", text: "tomcat: Session fixation in form authenticator", title: "Vulnerability summary", }, { category: "other", text: "This flaw allows an attacker to circumvent a session fixation prevention mechanism which was implemented in tomcat 5.5.x >= 5.5.29, 6.0.x >= 6.0.21 and 7.x. Earlier versions of tomcat do not include this mechanism, and are therefore not affected by this flaw. JBoss Web as included in JBoss 5.x products also does not include this mechanism, and is not affected by this flaw.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-2067", }, { category: "external", summary: "RHBZ#961779", url: "https://bugzilla.redhat.com/show_bug.cgi?id=961779", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-2067", url: "https://www.cve.org/CVERecord?id=CVE-2013-2067", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-2067", }, ], release_date: "2013-05-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-05-20T14:27:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update). Before applying this update, back up your\nexisting JBoss Enterprise Application Platform installation and deployed\napplications.", product_ids: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0833", }, ], scores: [ { cvss_v2: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:N/I:P/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 6.1", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tomcat: Session fixation in form authenticator", }, ], }
rhsa-2013_0206
Vulnerability from csaf_redhat
Published
2013-01-30 20:56
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Application Platform 5.2.0 which fixes one
security issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
JBoss Enterprise Application Platform is a platform for Java applications,
which integrates the JBoss Application Server with JBoss Hibernate and
JBoss Seam.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Application Platform administrator password and
the sucker password for the selected messaging system in plain text. A
local user able to access the directory where the GUI installer for JBoss
Enterprise Application Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Application Platform
instance. (CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Application Platform
5.2.0 are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Application Platform 5.2.0 which fixes one\nsecurity issue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "JBoss Enterprise Application Platform is a platform for Java applications,\nwhich integrates the JBoss Application Server with JBoss Hibernate and\nJBoss Seam.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Application Platform administrator password and\nthe sucker password for the selected messaging system in plain text. A\nlocal user able to access the directory where the GUI installer for JBoss\nEnterprise Application Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Application Platform\ninstance. (CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Application Platform\n5.2.0 are advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0206", url: "https://access.redhat.com/errata/RHSA-2013:0206", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=distributions&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0206.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Application Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:08+00:00", generator: { date: "2024-11-22T06:23:08+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0206", initial_release_date: "2013-01-30T20:56:00+00:00", revision_history: [ { date: "2013-01-30T20:56:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:06+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:08+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 5.2", product: { name: "Red Hat JBoss Enterprise Application Platform 5.2", product_id: "Red Hat JBoss Enterprise Application Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:56:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0206", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Enterprise Application Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
rhsa-2013:0207
Vulnerability from csaf_redhat
Published
2013-01-30 20:57
Modified
2024-11-22 06:23
Summary
Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update
Notes
Topic
An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security
issue is now available from the Red Hat Customer Portal.
The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
The Enterprise Web Platform is a slimmed down profile of the JBoss
Enterprise Application Platform intended for mid-size workloads with light
and rich Java applications.
The GUI installer created a world-readable auto-install XML file containing
both the JBoss Enterprise Web Platform administrator password and the
sucker password for the selected messaging system in plain text. A local
user able to access the directory where the GUI installer for JBoss
Enterprise Web Platform 5.1.2 was run could use this flaw to gain
administrative access to the JBoss Enterprise Web Platform instance.
(CVE-2013-0218)
Note: This update provides the initial release of the GUI installer for
version 5.2.0. Users continuing to use the 5.1.2 installer will remain
vulnerable to this issue.
This issue was discovered by Arun Neelicattu of the Red Hat Security
Response Team.
Users requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0
are advised to apply this update.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for JBoss Enterprise Web Platform 5.2.0 which fixes one security\nissue is now available from the Red Hat Customer Portal.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.", title: "Topic", }, { category: "general", text: "The Enterprise Web Platform is a slimmed down profile of the JBoss\nEnterprise Application Platform intended for mid-size workloads with light\nand rich Java applications.\n\nThe GUI installer created a world-readable auto-install XML file containing\nboth the JBoss Enterprise Web Platform administrator password and the\nsucker password for the selected messaging system in plain text. A local\nuser able to access the directory where the GUI installer for JBoss\nEnterprise Web Platform 5.1.2 was run could use this flaw to gain\nadministrative access to the JBoss Enterprise Web Platform instance.\n(CVE-2013-0218)\n\nNote: This update provides the initial release of the GUI installer for\nversion 5.2.0. Users continuing to use the 5.1.2 installer will remain\nvulnerable to this issue.\n\nThis issue was discovered by Arun Neelicattu of the Red Hat Security\nResponse Team.\n\nUsers requiring the GUI installer for JBoss Enterprise Web Platform 5.2.0\nare advised to apply this update.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2013:0207", url: "https://access.redhat.com/errata/RHSA-2013:0207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#low", url: "https://access.redhat.com/security/updates/classification/#low", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=enterpriseweb.platform&version=5.2.0", }, { category: "external", summary: "903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0207.json", }, ], title: "Red Hat Security Advisory: JBoss Enterprise Web Platform 5.2.0 security update", tracking: { current_release_date: "2024-11-22T06:23:12+00:00", generator: { date: "2024-11-22T06:23:12+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2013:0207", initial_release_date: "2013-01-30T20:57:00+00:00", revision_history: [ { date: "2013-01-30T20:57:00+00:00", number: "1", summary: "Initial version", }, { date: "2013-01-30T21:05:00+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T06:23:12+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Web Platform 5.2", product: { name: "Red Hat JBoss Web Platform 5.2", product_id: "Red Hat JBoss Web Platform 5.2", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_web_platform:5.2", }, }, }, ], category: "product_family", name: "Red Hat JBoss Web Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Arun Neelicattu", ], organization: "Red Hat Security Response Team", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2013-0218", discovery_date: "2013-01-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "903073", }, ], notes: [ { category: "description", text: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", title: "Vulnerability description", }, { category: "summary", text: "Installer: Generated auto-install xml is world readable", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Web Platform 5.2", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2013-0218", }, { category: "external", summary: "RHBZ#903073", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2013-0218", url: "https://www.cve.org/CVERecord?id=CVE-2013-0218", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, ], release_date: "2013-01-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2013-01-30T20:57:00+00:00", details: "The References section of this erratum contains a download link (you must\nlog in to download the update).", product_ids: [ "Red Hat JBoss Web Platform 5.2", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2013:0207", }, ], scores: [ { cvss_v2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, products: [ "Red Hat JBoss Web Platform 5.2", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "Installer: Generated auto-install xml is world readable", }, ], }
ghsa-g2hp-j2c6-f9v8
Vulnerability from github
Published
2022-05-05 02:48
Modified
2022-05-05 02:48
Details
The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.
{ affected: [], aliases: [ "CVE-2013-0218", ], database_specific: { cwe_ids: [ "CWE-200", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2013-02-05T23:55:00Z", severity: "LOW", }, details: "The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file.", id: "GHSA-g2hp-j2c6-f9v8", modified: "2022-05-05T02:48:35Z", published: "2022-05-05T02:48:35Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2013-0218", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=903073", }, { type: "WEB", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/81725", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2013-0206.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2013-0207.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2013-0833.html", }, { type: "WEB", url: "http://secunia.com/advisories/52041", }, { type: "WEB", url: "http://www.osvdb.org/89698", }, { type: "WEB", url: "http://www.securityfocus.com/bid/57652", }, ], schema_version: "1.4.0", severity: [], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.