Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-7503 (GCVE-0-2017-7503)
Vulnerability from cvelistv5
Published
2017-05-18 15:00
Modified
2024-08-05 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Restriction of XML External Entity Reference ('XXE')
Summary
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/98546 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1451960 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98546 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1451960 | Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat, Inc. | JBoss Enterprise Application Platform |
Version: 7.0.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98546"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JBoss Enterprise Application Platform",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "7.0.5"
}
]
}
],
"datePublic": "2017-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-24T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "98546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98546"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7503",
"datePublished": "2017-05-18T15:00:00",
"dateReserved": "2017-04-05T00:00:00",
"dateUpdated": "2024-08-05T16:04:11.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-7503\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2017-05-18T15:29:00.173\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 que la implementaci\u00f3n de la funci\u00f3n javax.xml.transform.TransformerFactory en EAP versi\u00f3n 7.0.5 de Red Hat JBoss, es vulnerable a un ataque de tipo XXE. Un atacante podr\u00eda usar esta fallo para activar ataques de tipo DoS o SSRF, o leer archivos del servidor donde se implementa EAP.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC9E9FC7-E7CF-450F-8129-98048C32254D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/98546\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/98546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1451960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
cnvd-2017-07574
Vulnerability from cnvd
Title: Red Hat JBoss Enterprise Application Platform跨站脚本漏洞
Description:
Red Hat JBoss Enterprise Application Platform(EAP)是美国红帽(Red Hat)公司的一套开源、基于J2EE的中间件平台。该平台主要用于构建、部署和托管Java应用程序与服务。
Red Hat JBoss EAP 7.0.5版本中的javax.xml.transform.TransformerFactory实现过程存在跨站脚本漏洞。远程攻击者可利用该漏洞造成拒绝服务或实施服务器端请求伪造攻击,或读取服务器上的文件。
Severity: 中
Formal description:
目前厂商暂未发布修复措施解决此安全问题,建议使用此软件的用户随时关注厂商主页或参考网址以获取解决办法: https://www.redhat.com
Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1451960
Impacted products
| Name | Red Hat JBoss Enterprise Application Platform 7.0.5 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-7503"
}
},
"description": "Red Hat JBoss Enterprise Application Platform\uff08EAP\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u5957\u5f00\u6e90\u3001\u57fa\u4e8eJ2EE\u7684\u4e2d\u95f4\u4ef6\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u4e3b\u8981\u7528\u4e8e\u6784\u5efa\u3001\u90e8\u7f72\u548c\u6258\u7ba1Java\u5e94\u7528\u7a0b\u5e8f\u4e0e\u670d\u52a1\u3002\r\n\r\nRed Hat JBoss EAP 7.0.5\u7248\u672c\u4e2d\u7684javax.xml.transform.TransformerFactory\u5b9e\u73b0\u8fc7\u7a0b\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u6216\u5b9e\u65bd\u670d\u52a1\u5668\u7aef\u8bf7\u6c42\u4f2a\u9020\u653b\u51fb\uff0c\u6216\u8bfb\u53d6\u670d\u52a1\u5668\u4e0a\u7684\u6587\u4ef6\u3002",
"discovererName": "Jason Shepherd",
"formalWay": "\u76ee\u524d\u5382\u5546\u6682\u672a\u53d1\u5e03\u4fee\u590d\u63aa\u65bd\u89e3\u51b3\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u5efa\u8bae\u4f7f\u7528\u6b64\u8f6f\u4ef6\u7684\u7528\u6237\u968f\u65f6\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u6216\u53c2\u8003\u7f51\u5740\u4ee5\u83b7\u53d6\u89e3\u51b3\u529e\u6cd5\uff1a\r\nhttps://www.redhat.com",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-07574",
"openTime": "2017-05-24",
"products": {
"product": "Red Hat JBoss Enterprise Application Platform 7.0.5"
},
"referenceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960",
"serverity": "\u4e2d",
"submitTime": "2017-05-22",
"title": "Red Hat JBoss Enterprise Application Platform\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}
RHSA-2020:2563
Vulnerability from csaf_redhat
Published
2020-06-15 16:16
Modified
2025-09-25 12:19
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 14.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements.
Security Fix(es):
* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)
* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2563",
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
},
{
"category": "external",
"summary": "1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
"tracking": {
"current_release_date": "2025-09-25T12:19:49+00:00",
"generator": {
"date": "2025-09-25T12:19:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2020:2563",
"initial_release_date": "2020-06-15T16:16:39+00:00",
"revision_history": [
{
"date": "2020-06-15T16:16:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:16:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-25T12:19:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP-CD 14 Tech Preview",
"product": {
"name": "EAP-CD 14 Tech Preview",
"product_id": "EAP-CD 14 Tech Preview",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7465",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2017-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1439980"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7465"
},
{
"category": "external",
"summary": "RHBZ#1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
}
],
"release_date": "2017-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
},
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat Product Security",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Katerina Novotna"
],
"organization": "Red Hat Quality Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7503",
"discovery_date": "2017-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1451960"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: XXE issue in TransformerFactory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7503"
},
{
"category": "external",
"summary": "RHBZ#1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
}
],
"release_date": "2017-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: XXE issue in TransformerFactory"
}
]
}
rhsa-2020_2563
Vulnerability from csaf_redhat
Published
2020-06-15 16:16
Modified
2024-11-22 15:10
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 14.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements.
Security Fix(es):
* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)
* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2563",
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
},
{
"category": "external",
"summary": "1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
"tracking": {
"current_release_date": "2024-11-22T15:10:53+00:00",
"generator": {
"date": "2024-11-22T15:10:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2563",
"initial_release_date": "2020-06-15T16:16:39+00:00",
"revision_history": [
{
"date": "2020-06-15T16:16:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:16:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T15:10:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP-CD 14 Tech Preview",
"product": {
"name": "EAP-CD 14 Tech Preview",
"product_id": "EAP-CD 14 Tech Preview",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7465",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2017-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1439980"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7465"
},
{
"category": "external",
"summary": "RHBZ#1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
}
],
"release_date": "2017-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
},
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat Product Security",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Katerina Novotna"
],
"organization": "Red Hat Quality Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7503",
"discovery_date": "2017-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1451960"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: XXE issue in TransformerFactory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7503"
},
{
"category": "external",
"summary": "RHBZ#1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
}
],
"release_date": "2017-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: XXE issue in TransformerFactory"
}
]
}
rhsa-2020:2563
Vulnerability from csaf_redhat
Published
2020-06-15 16:16
Modified
2025-09-25 12:19
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 14.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements.
Security Fix(es):
* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)
* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 14.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD14 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD14 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* XML Frameworks: JBoss: JAXP in EAP 7.0 allows RCE via XSL (CVE-2017-7465)\n\n* XML Frameworks: TransformerFactory in JBoss EAP 7 is vulnerable to XXE (CVE-2017-7503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2563",
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=eap-cd\u0026version=14"
},
{
"category": "external",
"summary": "1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2563.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 14 security update",
"tracking": {
"current_release_date": "2025-09-25T12:19:49+00:00",
"generator": {
"date": "2025-09-25T12:19:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2020:2563",
"initial_release_date": "2020-06-15T16:16:39+00:00",
"revision_history": [
{
"date": "2020-06-15T16:16:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:16:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-25T12:19:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "EAP-CD 14 Tech Preview",
"product": {
"name": "EAP-CD 14 Tech Preview",
"product_id": "EAP-CD 14 Tech Preview",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:14"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7465",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2017-04-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1439980"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the JAXP implementation used in EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JBoss: JAXP in EAP 7.0 allows RCE via XSL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7465"
},
{
"category": "external",
"summary": "RHBZ#1439980",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439980"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7465"
}
],
"release_date": "2017-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability. Eg:\n\nTransformerFactory factory = TransformerFactory.newInstance();\nfactory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JBoss: JAXP in EAP 7.0 allows RCE via XSL"
},
{
"acknowledgments": [
{
"names": [
"Jason Shepherd"
],
"organization": "Red Hat Product Security",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Katerina Novotna"
],
"organization": "Red Hat Quality Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-7503",
"discovery_date": "2017-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1451960"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "EAP: XXE issue in TransformerFactory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"EAP-CD 14 Tech Preview"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7503"
},
{
"category": "external",
"summary": "RHBZ#1451960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7503",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
}
],
"release_date": "2017-05-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:16:39+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"EAP-CD 14 Tech Preview"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2563"
},
{
"category": "workaround",
"details": "This issue affects processing of XML content from an untrusted source using a javax.xml.transform.TransformerFactory. The only safe way to process untrusted XML content with a TransformerFactory is to use the StAX API. StAX is a safe implementation on EAP 7.0.x because the XML content is not read in it\u0027s entirety in order to parse it. As a developer using StAX, you decide which XML stream events you want to react to, so XXE control constructs won\u0027t be processed automatically by the parser.",
"product_ids": [
"EAP-CD 14 Tech Preview"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"EAP-CD 14 Tech Preview"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "EAP: XXE issue in TransformerFactory"
}
]
}
ghsa-2f38-5w6m-7c6f
Vulnerability from github
Published
2022-05-17 02:43
Modified
2022-05-17 02:43
Severity ?
VLAI Severity ?
Details
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
{
"affected": [],
"aliases": [
"CVE-2017-7503"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-05-18T15:29:00Z",
"severity": "CRITICAL"
},
"details": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"id": "GHSA-2f38-5w6m-7c6f",
"modified": "2022-05-17T02:43:12Z",
"published": "2022-05-17T02:43:12Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7503"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/98546"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
fkie_cve-2017-7503
Vulnerability from fkie_nvd
Published
2017-05-18 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.securityfocus.com/bid/98546 | Third Party Advisory, VDB Entry | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1451960 | Issue Tracking, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98546 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1451960 | Issue Tracking, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | 7.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC9E9FC7-E7CF-450F-8129-98048C32254D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
},
{
"lang": "es",
"value": "Se encontr\u00f3 que la implementaci\u00f3n de la funci\u00f3n javax.xml.transform.TransformerFactory en EAP versi\u00f3n 7.0.5 de Red Hat JBoss, es vulnerable a un ataque de tipo XXE. Un atacante podr\u00eda usar esta fallo para activar ataques de tipo DoS o SSRF, o leer archivos del servidor donde se implementa EAP."
}
],
"id": "CVE-2017-7503",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-18T15:29:00.173",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98546"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2017-7503
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-7503",
"description": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"id": "GSD-2017-7503",
"references": [
"https://access.redhat.com/errata/RHSA-2020:2563"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-7503"
],
"details": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.",
"id": "GSD-2017-7503",
"modified": "2023-12-13T01:21:06.545641Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "JBoss Enterprise Application Platform",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.0.5"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/98546",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/98546"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2017-7503"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451960"
},
{
"name": "98546",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98546"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2017-05-31T18:13Z",
"publishedDate": "2017-05-18T15:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…