CVE-2018-9159 (GCVE-0-2018-9159)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T07:17:51.328Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/perwendel/spark/issues/981" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "name": "RHSA-2018:2020", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "name": "RHSA-2018:2405", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://sparkjava.com/news#spark-272-released" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-08-15T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/perwendel/spark/issues/981" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "name": "RHSA-2018:2020", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "name": "RHSA-2018:2405", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "tags": [ "x_refsource_MISC" ], "url": "http://sparkjava.com/news#spark-272-released" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9159", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/perwendel/spark/issues/981", "refsource": "MISC", "url": "https://github.com/perwendel/spark/issues/981" }, { "name": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "name": "RHSA-2018:2020", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "name": "RHSA-2018:2405", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "name": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "name": "http://sparkjava.com/news#spark-272-released", "refsource": "MISC", "url": "http://sparkjava.com/news#spark-272-released" }, { "name": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-9159", "datePublished": "2018-03-31T21:00:00", "dateReserved": "2018-03-31T00:00:00", "dateUpdated": "2024-08-05T07:17:51.328Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-9159\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-31T21:29:00.373\",\"lastModified\":\"2024-11-21T04:15:06.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Spark before 2.7.2, a remote attacker can read unintended static files via various 
representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.\"},{\"lang\":\"es\",\"value\":\"En Spark en versiones anteriores a la 2.7.2, un atacante remoto puede leer archivos est\u00e1ticos no deseados mediante varias representaciones de nombres de ruta relativos o absolutos, tal y como queda demostrado con las secuencias de URL de archivos y saltos de directorio. NOTA: este producto no est\u00e1 relacionado con Ignite Realtime Spark.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sparkjava:spark:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2\",\"matchCriteriaId\":\"
F6D877A4-D00C-4CDC-9D9F-25A04579D30F\"}]}]}],\"references\":[{\"url\":\"http://sparkjava.com/news#spark-272-released\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2020\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2405\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/issues/981\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"http://sparkjava.com/news#spark-272-released\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2020\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2405\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party 
Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/perwendel/spark/issues/981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]}]}}" } }
RHSA-2018:2405
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046)\n\n* spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199)\n\n* ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295)\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License 
(https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2405", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/articles/3060411", "url": "https://access.redhat.com/articles/3060411" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2405.json" } ], "title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update", "tracking": { "current_release_date": "2025-09-10T14:23:44+00:00", "generator": { "date": "2025-09-10T14:23:44+00:00", "engine": { "name": "Red Hat SDEngine", 
"version": "4.6.7" } }, "id": "RHSA-2018:2405", "initial_release_date": "2018-08-14T19:51:07+00:00", "revision_history": [ { "date": "2018-08-14T19:51:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-08-14T19:51:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-09-10T14:23:44+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product": { "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-8046", "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553024" } ], "notes": [ { "category": "description", "text": "Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code", "title": "Vulnerability summary" }, { "category": "other", "text": "While there might be compatibility issues upgrading Spring REST Data independently of the Spring Boot version we recommend that customers make sure they are using a fixed version of Spring Data REST 2.6.9, or 3.0.1. 
RHOAR has now upgraded to version 1.5.10 of Spring Boot which is compatible with fixed versions of Spring DATA Rest.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-8046" }, { "category": "external", "summary": "RHBZ#1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8046", "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", 
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "cve": "CVE-2018-1199", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-01-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1540030" } ], "notes": [ { "category": "description", "text": "Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. 
The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1199" }, { "category": "external", "summary": "RHBZ#1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1199", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1199" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2018-1199", "url": "https://pivotal.io/security/cve-2018-1199" } ], "release_date": "2018-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all 
applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "workaround", "details": "As a general precaution, users are encouraged to separate public and private resources. For example, separating static resources and mapping them to /resources/public/** and /resources/private/** is preferred to having one common root with mixed public and private resource content underneath.", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources" }, { "cve": "CVE-2018-1295", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563133" } ], "notes": [ { "category": "description", "text": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. 
The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket steamer.", "title": "Vulnerability description" }, { "category": "summary", "text": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1295" }, { "category": "external", "summary": "RHBZ#1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1295", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295" }, { "category": "external", "summary": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E", "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E" } ], "release_date": "2018-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found 
at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints" }, { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
rhsa-2018_2020
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2020", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2020.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R8 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T12:09:05+00:00", "generator": { "date": "2024-11-22T12:09:05+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2018:2020", "initial_release_date": "2018-06-26T16:40:19+00:00", "revision_history": [ { "date": "2018-06-26T16:40:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-06-26T16:40:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T12:09:05+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss A-MQ 6.3", "product": { "name": "Red Hat JBoss A-MQ 6.3", "product_id": "Red Hat JBoss A-MQ 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:6.3" } } }, { "category": "product_name", "name": "Red Hat JBoss Fuse 6.3", "product": { "name": "Red Hat JBoss Fuse 6.3", "product_id": "Red Hat JBoss Fuse 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-26T16:40:19+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2020" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", 
"confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
rhsa-2018_2405
Vulnerability from csaf_redhat
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046)\n\n* spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199)\n\n* ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295)\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License 
(https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2405", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/articles/3060411", "url": "https://access.redhat.com/articles/3060411" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2405.json" } ], "title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update", "tracking": { "current_release_date": "2024-11-22T12:13:00+00:00", "generator": { "date": "2024-11-22T12:13:00+00:00", "engine": { "name": "Red Hat SDEngine", 
"version": "4.2.1" } }, "id": "RHSA-2018:2405", "initial_release_date": "2018-08-14T19:51:07+00:00", "revision_history": [ { "date": "2018-08-14T19:51:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-08-14T19:51:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T12:13:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product": { "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-8046", "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553024" } ], "notes": [ { "category": "description", "text": "Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code", "title": "Vulnerability summary" }, { "category": "other", "text": "While there might be compatibility issues upgrading Spring REST Data independently of the Spring Boot version we recommend that customers make sure they are using a fixed version of Spring Data REST 2.6.9, or 3.0.1. 
RHOAR has now upgraded to version 1.5.10 of Spring Boot, which is compatible with fixed versions of Spring Data REST.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-8046" }, { "category": "external", "summary": "RHBZ#1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8046", "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", 
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "cve": "CVE-2018-1199", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-01-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1540030" } ], "notes": [ { "category": "description", "text": "Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. 
The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1199" }, { "category": "external", "summary": "RHBZ#1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1199", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1199" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2018-1199", "url": "https://pivotal.io/security/cve-2018-1199" } ], "release_date": "2018-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all 
applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "workaround", "details": "As a general precaution, users are encouraged to separate public and private resources. For example, separating static resources and mapping them to /resources/public/** and /resources/private/** is preferred to having one common root with mixed public and private resource content underneath.", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources" }, { "cve": "CVE-2018-1295", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563133" } ], "notes": [ { "category": "description", "text": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. 
The vulnerability can be exploited if one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket streamer.", "title": "Vulnerability description" }, { "category": "summary", "text": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1295" }, { "category": "external", "summary": "RHBZ#1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1295", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295" }, { "category": "external", "summary": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E", "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E" } ], "release_date": "2018-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found 
at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints" }, { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
rhsa-2018:2405
Vulnerability from csaf_redhat
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Fuse Integration Services.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift.\n\nSecurity fix(es):\n\n* undertow: Client can use bogus uri in Digest authentication (CVE-2017-12196)\n\n* spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code (CVE-2017-8046)\n\n* spring-framework: Improper URL path validation allows for bypassing of security checks on static resources (CVE-2018-1199)\n\n* ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints (CVE-2018-1295)\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-12196 issue was discovered by Jan Stourac (Red Hat).", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License 
(https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2405", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "https://access.redhat.com/articles/3060411", "url": "https://access.redhat.com/articles/3060411" }, { "category": "external", "summary": "1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2405.json" } ], "title": "Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update", "tracking": { "current_release_date": "2025-09-10T14:23:44+00:00", "generator": { "date": "2025-09-10T14:23:44+00:00", "engine": { "name": "Red Hat SDEngine", 
"version": "4.6.7" } }, "id": "RHSA-2018:2405", "initial_release_date": "2018-08-14T19:51:07+00:00", "revision_history": [ { "date": "2018-08-14T19:51:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-08-14T19:51:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-09-10T14:23:44+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product": { "name": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_id": "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-8046", "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553024" } ], "notes": [ { "category": "description", "text": "Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code", "title": "Vulnerability summary" }, { "category": "other", "text": "While there might be compatibility issues upgrading Spring REST Data independently of the Spring Boot version we recommend that customers make sure they are using a fixed version of Spring Data REST 2.6.9, or 3.0.1. 
RHOAR has now upgraded to version 1.5.10 of Spring Boot, which is compatible with fixed versions of Spring Data REST.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-8046" }, { "category": "external", "summary": "RHBZ#1553024", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553024" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-8046", "url": "https://www.cve.org/CVERecord?id=CVE-2017-8046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8046" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "spring-boot: Malicious PATCH requests submitted to servers can use specially crafted JSON data to run arbitrary Java code" }, { "acknowledgments": [ { "names": [ "Jan Stourac" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2017-12196", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "discovery_date": "2017-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1503055" } ], "notes": [ { "category": "description", "text": "It was discovered that when using Digest authentication, the server does not ensure that the value of the URI in the authorization header matches the URI in the HTTP request line. This allows the attacker to execute a MITM attack and access the desired content on the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "undertow: Client can use bogus uri in Digest authentication", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-12196" }, { "category": "external", "summary": "RHBZ#1503055", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503055" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12196", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12196" }, { "category": "external", 
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12196" } ], "release_date": "2018-03-12T15:56:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "undertow: Client can use bogus uri in Digest authentication" }, { "cve": "CVE-2018-1199", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2018-01-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1540030" } ], "notes": [ { "category": "description", "text": "Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. 
The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.", "title": "Vulnerability description" }, { "category": "summary", "text": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1199" }, { "category": "external", "summary": "RHBZ#1540030", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540030" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1199", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1199" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1199" }, { "category": "external", "summary": "https://pivotal.io/security/cve-2018-1199", "url": "https://pivotal.io/security/cve-2018-1199" } ], "release_date": "2018-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all 
applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "category": "workaround", "details": "As a general precaution, users are encouraged to separate public and private resources. For example, separating static resources and mapping them to /resources/public/** and /resources/private/** is preferred to having one common root with mixed public and private resource content underneath.", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "spring-framework: Improper URL path validation allows for bypassing of security checks on static resources" }, { "cve": "CVE-2018-1295", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2018-04-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563133" } ], "notes": [ { "category": "description", "text": "In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when 3-rd party vulnerable classes are present in Ignite classpath. 
The vulnerability can be exploited if one sends a specially prepared form of a serialized object to one of the deserialization endpoints of some Ignite components - discovery SPI, Ignite persistence, Memcached endpoint, socket streamer.", "title": "Vulnerability description" }, { "category": "summary", "text": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-1295" }, { "category": "external", "summary": "RHBZ#1563133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563133" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-1295", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1295" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1295" }, { "category": "external", "summary": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E", "url": "https://lists.apache.org/thread.html/45e7d5e2c6face85aab693f5ae0616563132ff757e5a558da80d0209@%3Cdev.ignite.apache.org%3E" } ], "release_date": "2018-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found 
at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "ignite: Possible Execution of Arbitrary Code Within Deserialization Endpoints" }, { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-08-14T19:51:07+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nUpdating instructions and release notes may be found at:\n\nhttps://access.redhat.com/articles/3060411", "product_ids": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
rhsa-2018:2020
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2020", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2020.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R8 security and bug fix update", "tracking": { "current_release_date": "2025-09-10T14:23:21+00:00", "generator": { "date": "2025-09-10T14:23:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.7" } }, "id": "RHSA-2018:2020", "initial_release_date": "2018-06-26T16:40:19+00:00", "revision_history": [ { "date": "2018-06-26T16:40:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-06-26T16:40:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-09-10T14:23:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss A-MQ 6.3", "product": { "name": "Red Hat JBoss A-MQ 6.3", "product_id": "Red Hat JBoss A-MQ 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:6.3" } } }, { "category": "product_name", "name": "Red Hat JBoss Fuse 6.3", "product": { "name": "Red Hat JBoss Fuse 6.3", "product_id": "Red Hat JBoss Fuse 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-26T16:40:19+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2020" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", 
"confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
RHSA-2018:2020
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. \n\nRed Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications.\n\nThis patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files.\n\nSecurity Fix(es):\n\n* spark: Absolute and relative pathnames allow for unintended static file disclosure (CVE-2018-9159)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2018:2020", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=jboss.fuse\u0026downloadType=securityPatches\u0026version=6.3" }, { "category": "external", "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0", "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=jboss.amq.broker\u0026version=6.3.0" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_amq/6.3/" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/", "url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/6.3/" }, { "category": "external", "summary": "1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "self", "summary": "Canonical URL", "url": 
"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_2020.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R8 security and bug fix update", "tracking": { "current_release_date": "2025-09-10T14:23:21+00:00", "generator": { "date": "2025-09-10T14:23:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.7" } }, "id": "RHSA-2018:2020", "initial_release_date": "2018-06-26T16:40:19+00:00", "revision_history": [ { "date": "2018-06-26T16:40:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2018-06-26T16:40:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-09-10T14:23:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss A-MQ 6.3", "product": { "name": "Red Hat JBoss A-MQ 6.3", "product_id": "Red Hat JBoss A-MQ 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_amq:6.3" } } }, { "category": "product_name", "name": "Red Hat JBoss Fuse 6.3", "product": { "name": "Red Hat JBoss Fuse 6.3", "product_id": "Red Hat JBoss Fuse 6.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_fuse:6.3" } } } ], "category": "product_family", "name": "Red Hat JBoss Fuse" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-9159", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2018-04-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1563732" } ], "notes": [ { "category": "description", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "Vulnerability description" }, { "category": "summary", "text": "spark: Absolute and relative pathnames allow for unintended static file disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "RHBZ#1563732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1563732" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9159", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" } ], "release_date": "2018-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2018-06-26T16:40:19+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are located in the download section of the customer portal.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", "product_ids": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2018:2020" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", 
"confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "Red Hat JBoss A-MQ 6.3", "Red Hat JBoss Fuse 6.3" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "spark: Absolute and relative pathnames allow for unintended static file disclosure" } ] }
gsd-2018-9159
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2018-9159", "description": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.", "id": "GSD-2018-9159", "references": [ "https://www.suse.com/security/cve/CVE-2018-9159.html", "https://access.redhat.com/errata/RHSA-2018:2405", "https://access.redhat.com/errata/RHSA-2018:2020" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2018-9159" ], "details": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.", "id": "GSD-2018-9159", "modified": "2023-12-13T01:22:33.971714Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9159", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/perwendel/spark/issues/981", "refsource": "MISC", "url": "https://github.com/perwendel/spark/issues/981" }, { "name": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "name": "RHSA-2018:2020", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "name": "RHSA-2018:2405", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "name": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "name": "http://sparkjava.com/news#spark-272-released", "refsource": "MISC", "url": "http://sparkjava.com/news#spark-272-released" }, { "name": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668", "refsource": "MISC", "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "(,2.7.2)", "affected_versions": "All versions before 2.7.2", "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "cwe_ids": [ "CWE-1035", "CWE-22", "CWE-937" ], "date": "2019-10-03", "description": "In Spark, a remote attacker can read unintended static files via various representations of absolute or relative pathnames.", "fixed_versions": [ "2.7.2" ], "identifier": "CVE-2018-9159", "identifiers": [ "CVE-2018-9159" ], "not_impacted": "All versions starting from 2.7.2", "package_slug": "maven/com.sparkjava/spark-core", "pubdate": "2018-03-31", "solution": "Upgrade to version 2.7.2 or above.", "title": "Path 
Traversal", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "http://sparkjava.com/news#spark-272-released", "https://github.com/perwendel/spark/issues/981" ], "uuid": "4d5df9fc-0f66-4ab1-8fd9-dd40382fe547" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sparkjava:spark:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.7.2", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-9159" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-22" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/perwendel/spark/issues/981", "refsource": "MISC", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/issues/981" }, { "name": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "name": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "name": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" }, { "name": "http://sparkjava.com/news#spark-272-released", "refsource": "MISC", "tags": [ "Vendor Advisory" ], "url": "http://sparkjava.com/news#spark-272-released" }, { "name": "RHSA-2018:2020", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "name": "RHSA-2018:2405", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2405" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } }, "lastModifiedDate": "2019-10-03T00:03Z", "publishedDate": "2018-03-31T21:29Z" } } }
fkie_cve-2018-9159
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sparkjava:spark:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6D877A4-D00C-4CDC-9D9F-25A04579D30F", "versionEndExcluding": "2.7.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark." }, { "lang": "es", "value": "En Spark en versiones anteriores a la 2.7.2, un atacante remoto puede leer archivos est\u00e1ticos no deseados mediante varias representaciones de nombres de ruta relativos o absolutos, tal y como queda demostrado con las secuencias de URL de archivos y saltos de directorio. NOTA: este producto no est\u00e1 relacionado con Ignite Realtime Spark." } ], "id": "CVE-2018-9159", "lastModified": "2024-11-21T04:15:06.177", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, 
"exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-03-31T21:29:00.373", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://sparkjava.com/news#spark-272-released" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/issues/981" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://sparkjava.com/news#spark-272-released" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://github.com/perwendel/spark/issues/981" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
ghsa-76qr-mmh8-cp8f
Vulnerability from github
In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "com.sparkjava:spark-core" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.7.2" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2018-9159" ], "database_specific": { "cwe_ids": [ "CWE-22" ], "github_reviewed": true, "github_reviewed_at": "2020-06-16T21:21:39Z", "nvd_published_at": null, "severity": "MODERATE" }, "details": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.", "id": "GHSA-76qr-mmh8-cp8f", "modified": "2021-09-02T19:24:32Z", "published": "2018-10-19T16:56:00Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159" }, { "type": "WEB", "url": "https://github.com/perwendel/spark/issues/981" }, { "type": "WEB", "url": "https://github.com/perwendel/spark/commit/030e9d00125cbd1ad759668f85488aba1019c668" }, { "type": "WEB", "url": "https://github.com/perwendel/spark/commit/a221a864db28eb736d36041df2fa6eb8839fc5cd" }, { "type": "WEB", "url": "https://github.com/perwendel/spark/commit/ce9e11517eca69e58ed4378d1e47a02bd06863cc" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:2020" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2018:2405" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-76qr-mmh8-cp8f" }, { "type": "PACKAGE", "url": "https://github.com/perwendel/spark" }, { "type": "WEB", "url": "http://sparkjava.com/news#spark-272-released" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "type": "CVSS_V3" } ], "summary": "Moderate severity vulnerability that affects com.sparkjava:spark-core" }
cnvd-2018-08093
Vulnerability from cnvd
Title: Spark信息泄露漏洞
Description:
Spark是一个可以让您以最小的代价快速创建Web应用的轻量级Java web框架。
2.7.2之前的Spark存在信息泄露漏洞。远程攻击者可通过绝对或相对路径名的各种表示利用该漏洞读取非预期静态文件。
Severity: 中
Patch Name: Spark信息泄露漏洞的补丁
Patch Description:
Spark是一个可以让您以最小的代价快速创建Web应用的轻量级Java web框架。
2.7.2之前的Spark存在信息泄露漏洞。远程攻击者可通过绝对或相对路径名的各种表示利用该漏洞读取非预期静态文件。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布漏洞修复程序,请及时关注更新: http://sparkjava.com/news#spark-27-released
Reference: https://nvd.nist.gov/vuln/detail/CVE-2018-9159
| Name |
|---|
| Spark Spark <2.7.2 |
{ "cves": { "cve": { "cveNumber": "CVE-2018-9159" } }, "description": "Spark\u662f\u4e00\u4e2a\u53ef\u4ee5\u8ba9\u60a8\u4ee5\u6700\u5c0f\u7684\u4ee3\u4ef7\u5feb\u901f\u521b\u5efaWeb\u5e94\u7528\u7684\u8f7b\u91cf\u7ea7Java web\u6846\u67b6\u3002\r\n\r\n2.7.2\u4e4b\u524d\u7684Spark\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7edd\u5bf9\u6216\u76f8\u5bf9\u8def\u5f84\u540d\u7684\u5404\u79cd\u8868\u793a\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u975e\u9884\u671f\u9759\u6001\u6587\u4ef6\u3002", "discovererName": "unknown", "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://sparkjava.com/news#spark-27-released", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2018-08093", "openTime": "2018-04-23", "patchDescription": "Spark\u662f\u4e00\u4e2a\u53ef\u4ee5\u8ba9\u60a8\u4ee5\u6700\u5c0f\u7684\u4ee3\u4ef7\u5feb\u901f\u521b\u5efaWeb\u5e94\u7528\u7684\u8f7b\u91cf\u7ea7Java web\u6846\u67b6\u3002\r\n\r\n2.7.2\u4e4b\u524d\u7684Spark\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7edd\u5bf9\u6216\u76f8\u5bf9\u8def\u5f84\u540d\u7684\u5404\u79cd\u8868\u793a\u5229\u7528\u8be5\u6f0f\u6d1e\u8bfb\u53d6\u975e\u9884\u671f\u9759\u6001\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "Spark\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "Spark Spark \u003c2.7.2" }, "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-9159", "serverity": "\u4e2d", "submitTime": "2018-04-02", "title": "Spark\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e" }
suse-su-2018:2689-1
Vulnerability from csaf_suse
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for spark", "title": "Title of the patch" }, { "category": "description", "text": "This update for spark fixes the following security issue:\n\n- CVE-2018-9159: Fix a security problem in the serving of static files. (bsc#1087837)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SUSE-Manager-Server-3.1-2018-1885", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_2689-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2018:2689-1", "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182689-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2018:2689-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-September/004554.html" }, { "category": "self", "summary": "SUSE Bug 1087837", "url": "https://bugzilla.suse.com/1087837" }, { "category": "self", "summary": "SUSE CVE CVE-2018-9159 page", "url": "https://www.suse.com/security/cve/CVE-2018-9159/" } ], "title": "Security update for spark", "tracking": 
{ "current_release_date": "2018-09-11T14:45:48Z", "generator": { "date": "2018-09-11T14:45:48Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2018:2689-1", "initial_release_date": "2018-09-11T14:45:48Z", "revision_history": [ { "date": "2018-09-11T14:45:48Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "spark-2.3-3.3.1.noarch", "product": { "name": "spark-2.3-3.3.1.noarch", "product_id": "spark-2.3-3.3.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE Manager Server 3.1", "product": { "name": "SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:3.1" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "spark-2.3-3.3.1.noarch as component of SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1:spark-2.3-3.3.1.noarch" }, "product_reference": "spark-2.3-3.3.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-9159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-9159" } ], "notes": [ { "category": "general", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. 
NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Server 3.1:spark-2.3-3.3.1.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2018-9159", "url": "https://www.suse.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "SUSE Bug 1087837 for CVE-2018-9159", "url": "https://bugzilla.suse.com/1087837" }, { "category": "external", "summary": "SUSE Bug 1089101 for CVE-2018-9159", "url": "https://bugzilla.suse.com/1089101" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Server 3.1:spark-2.3-3.3.1.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Manager Server 3.1:spark-2.3-3.3.1.noarch" ] } ], "threats": [ { "category": "impact", "date": "2018-09-11T14:45:48Z", "details": "moderate" } ], "title": "CVE-2018-9159" } ] }
suse-ru-2018:2639-1
Vulnerability from csaf_suse
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Recommended update for SUSE Manager 3.1 Release Notes", "title": "Title of the patch" }, { "category": "description", "text": "This update for the SUSE Manager 3.0 Release Notes provides the following additions:\n\n- SUSE Manager Server bugs fixed by latest updates\n\n + bsc#1057635, bsc#1083295, bsc#1087837, bsc#1089362, bsc#1089526,\n bsc#1089662, bsc#1093458, bsc#1096264, bsc#1096514, bsc#1097250,\n bsc#1097697, bsc#1098388, bsc#1098394, bsc#1098815, bsc#1098993,\n bsc#1099583, bsc#1099638, bsc#1099781, bsc#1100131, bsc#1100731,\n bsc#1101670, bsc#1102009, bsc#1103044, bsc#1103090, bsc#1103218,\n bsc#1104025, bsc#1104503, bsc#1105440, bsc#1105442\n\n- SUSE Manager Server security issues fixed by latest updates\n\n + CVE-2018-1000225, CVE-2018-1000226, CVE-2018-9159\n\n- SUSE Manager Proxy bugs fixed by latest updates\n\n + bsc#1083295, bsc#1094705, bsc#1097697\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-SUSE-Manager-Proxy-3.1-2018-1849,SUSE-SUSE-Manager-Server-3.1-2018-1849", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": 
"https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2018_2639-1.json" }, { "category": "self", "summary": "URL for SUSE-RU-2018:2639-1", "url": "https://www.suse.com/support/update/announcement//suse-ru-20182639-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-RU-2018:2639-1", "url": "https://lists.suse.com/pipermail/sle-updates/2018-September/009273.html" }, { "category": "self", "summary": "SUSE Bug 1087837", "url": "https://bugzilla.suse.com/1087837" }, { "category": "self", "summary": "SUSE Bug 1105440", "url": "https://bugzilla.suse.com/1105440" }, { "category": "self", "summary": "SUSE Bug 1105442", "url": "https://bugzilla.suse.com/1105442" }, { "category": "self", "summary": "SUSE CVE CVE-2018-1000225 page", "url": "https://www.suse.com/security/cve/CVE-2018-1000225/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-1000226 page", "url": "https://www.suse.com/security/cve/CVE-2018-1000226/" }, { "category": "self", "summary": "SUSE CVE CVE-2018-9159 page", "url": "https://www.suse.com/security/cve/CVE-2018-9159/" } ], "title": "Recommended update for SUSE Manager 3.1 Release Notes", "tracking": { "current_release_date": "2018-09-06T11:50:51Z", "generator": { "date": "2018-09-06T11:50:51Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-RU-2018:2639-1", "initial_release_date": "2018-09-06T11:50:51Z", "revision_history": [ { "date": "2018-09-06T11:50:51Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "product": { "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "product_id": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le" } }, { "category": "product_version", "name": "release-notes-susemanager-3.1.8-5.38.1.ppc64le", "product": { "name": 
"release-notes-susemanager-3.1.8-5.38.1.ppc64le", "product_id": "release-notes-susemanager-3.1.8-5.38.1.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "release-notes-susemanager-3.1.8-5.38.1.s390x", "product": { "name": "release-notes-susemanager-3.1.8-5.38.1.s390x", "product_id": "release-notes-susemanager-3.1.8-5.38.1.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "product": { "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "product_id": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64" } }, { "category": "product_version", "name": "release-notes-susemanager-3.1.8-5.38.1.x86_64", "product": { "name": "release-notes-susemanager-3.1.8-5.38.1.x86_64", "product_id": "release-notes-susemanager-3.1.8-5.38.1.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Manager Proxy 3.1", "product": { "name": "SUSE Manager Proxy 3.1", "product_id": "SUSE Manager Proxy 3.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-proxy:3.1" } } }, { "category": "product_name", "name": "SUSE Manager Server 3.1", "product": { "name": "SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:3.1" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le as component of SUSE Manager Proxy 3.1", "product_id": "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le" }, "product_reference": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", 
"relates_to_product_reference": "SUSE Manager Proxy 3.1" }, { "category": "default_component_of", "full_product_name": { "name": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64 as component of SUSE Manager Proxy 3.1", "product_id": "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64" }, "product_reference": "release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "relates_to_product_reference": "SUSE Manager Proxy 3.1" }, { "category": "default_component_of", "full_product_name": { "name": "release-notes-susemanager-3.1.8-5.38.1.ppc64le as component of SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le" }, "product_reference": "release-notes-susemanager-3.1.8-5.38.1.ppc64le", "relates_to_product_reference": "SUSE Manager Server 3.1" }, { "category": "default_component_of", "full_product_name": { "name": "release-notes-susemanager-3.1.8-5.38.1.s390x as component of SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x" }, "product_reference": "release-notes-susemanager-3.1.8-5.38.1.s390x", "relates_to_product_reference": "SUSE Manager Server 3.1" }, { "category": "default_component_of", "full_product_name": { "name": "release-notes-susemanager-3.1.8-5.38.1.x86_64 as component of SUSE Manager Server 3.1", "product_id": "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" }, "product_reference": "release-notes-susemanager-3.1.8-5.38.1.x86_64", "relates_to_product_reference": "SUSE Manager Server 3.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-1000225", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-1000225" } ], "notes": [ { "category": "general", "text": "Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Cross Site Scripting 
(XSS) vulnerability in cobbler-web that can result in Privilege escalation to admin.. This attack appear to be exploitable via \"network connectivity\". Sending unauthenticated JavaScript payload to the Cobbler XMLRPC API (/cobbler_api).", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-1000225", "url": "https://www.suse.com/security/cve/CVE-2018-1000225" }, { "category": "external", "summary": "SUSE Bug 1104190 for CVE-2018-1000225", "url": "https://bugzilla.suse.com/1104190" }, { "category": "external", "summary": "SUSE Bug 1104287 for CVE-2018-1000225", "url": "https://bugzilla.suse.com/1104287" }, { "category": "external", "summary": "SUSE Bug 1105442 for CVE-2018-1000225", "url": "https://bugzilla.suse.com/1105442" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "SUSE Manager Proxy 
3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-09-06T11:50:51Z", "details": "critical" } ], "title": "CVE-2018-1000225" }, { "cve": "CVE-2018-1000226", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-1000226" } ], "notes": [ { "category": "general", "text": "Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via \"network connectivity\". Taking advantage of improper validation of security tokens in API endpoints. 
Please note this is a different issue than CVE-2018-10931.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-1000226", "url": "https://www.suse.com/security/cve/CVE-2018-1000226" }, { "category": "external", "summary": "SUSE Bug 1104190 for CVE-2018-1000226", "url": "https://bugzilla.suse.com/1104190" }, { "category": "external", "summary": "SUSE Bug 1104287 for CVE-2018-1000226", "url": "https://bugzilla.suse.com/1104287" }, { "category": "external", "summary": "SUSE Bug 1105440 for CVE-2018-1000226", "url": "https://bugzilla.suse.com/1105440" }, { "category": "external", "summary": "SUSE Bug 1105442 for CVE-2018-1000226", "url": "https://bugzilla.suse.com/1105442" }, { "category": "external", "summary": "SUSE Bug 1131852 for CVE-2018-1000226", "url": "https://bugzilla.suse.com/1131852" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.1, "baseSeverity": "CRITICAL", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" }, "products": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-09-06T11:50:51Z", "details": "important" } ], "title": "CVE-2018-1000226" }, { "cve": "CVE-2018-9159", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2018-9159" } ], "notes": [ { "category": "general", "text": "In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] }, "references": [ { "category": "external", "summary": "CVE-2018-9159", "url": "https://www.suse.com/security/cve/CVE-2018-9159" }, { "category": "external", "summary": "SUSE Bug 1087837 for CVE-2018-9159", "url": "https://bugzilla.suse.com/1087837" }, { "category": "external", "summary": "SUSE Bug 1089101 for CVE-2018-9159", "url": "https://bugzilla.suse.com/1089101" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation 
methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.ppc64le", "SUSE Manager Proxy 3.1:release-notes-susemanager-proxy-3.1.8-0.15.29.1.x86_64", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.ppc64le", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.s390x", "SUSE Manager Server 3.1:release-notes-susemanager-3.1.8-5.38.1.x86_64" ] } ], "threats": [ { "category": "impact", "date": "2018-09-06T11:50:51Z", "details": "moderate" } ], "title": "CVE-2018-9159" } ] }