CVE-2015-1796
Description: The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued by a shibmd:KeyAuthority trust anchor.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue. If upgrading is not feasible, follow the workaround(s) stated on the reference pages.
Reference(s):
  https://wiki.shibboleth.net/confluence/display/SHIB2/20150225+Security+Advisory+Examples
  https://shibboleth.net/community/advisories/secadv_20150225.txt
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1796
  https://issues.shibboleth.net/jira/browse/JXT-116
  https://shibboleth.net/community/advisories/secadv_20150225.txt
  https://wiki.shibboleth.net/confluence/display/SHIB2/20150225+Security+Advisory+Examples
  https://bugzilla.redhat.com/show_bug.cgi?id=1196619
Project Category: n/a
Tags: data
Date Disclosed: 2015-07-08
Date Discovered: 2015-02-17…
CVE-2015-0254
Description: Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Note for the fixed version(s): This version uses JAXP's FEATURE_SECURE_PROCESSING to restrict XML processing. Depending on the Java runtime version in use, additional configuration may be required:
  Java8: External entity access is automatically disabled if a SecurityManager is active.
  Java7: JAXP properties may need to…
CVE-2015-0226
Description: Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Workaround:
> On affected products, this flaw can be mitigated by using the RSA-OAEP key wrap algorithm, instead of the default RSA-v1.5 algorithm. To…
CVE-2014-7810
Description: The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemented by an inaccessible class, which allows attackers to bypass a SecurityManager protection mechanism via a web application that leverages use of incorrect privileges during EL evaluation.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7810
  http://tomcat.apache.org/security-7.html
Project Category: n/a
Tags: data, functional
Date Disclosed: 2015-06-07
Date Discovered: 2014-10-03
CVE-2014-3623
Description: Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3623
  http://svn.apache.org/viewvc?view=revision&revision=1624308
  https://issues.apache.org/jira/browse/WSS-510
  https://issues.apache.org/jira/browse/WSS-511
  https://issues.apache.org/jira/browse/WSS-512
  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3623
Project Category: n/a
Tags: functional
Date Disclosed: 2014-10-30
Date Discovered: 2014-05-14
CVE-2014-3612
Description: The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows remote attackers to bypass authentication by logging in with an empty password and valid username, which triggers an unauthenticated bind. NOTE: this identifier has been SPLIT per ADT2 due to different vulnerability types. See CVE-2015-6524 for the use of wildcard operators in usernames.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3612
  http://activemq.apache.org/security-advisories.data/CVE-2014-3612-announcement.txt
Project Category: n/a
Tags: data, operational
Date Disclosed: 2015-08-24
Date Discovered: 2014-05-14
CVE-2014-3603
Description: The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Mitigation:
> IdP users: Upgrade to IdP 2.4.1 or greater, which globally configures an appropriate hostname verifier for use with HttpClient. If this is not feasible, and the only use of these resource types is with a ResourceBackedMetadataProvider, then consider replacing the latter with…
CVE-2014-3600
Description: XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3600
  https://issues.apache.org/jira/browse/AMQ-5333
  https://labs.mwrinfosecurity.com/advisories/apache-activemq-and-activemq-apollo-xml-external-entity-data-parsing/
  https://tools.cisco.com/security/center/viewAlert.x?alertId=37382
Project Category: n/a
Tags: data
Date Disclosed: 2017-10-27
Date Discovered: 2014-05-14
CVE-2014-3576
Description: The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3576
  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3576
Project Category: n/a
Tags: data, functional
Date Disclosed…
CVE-2014-0230
Description: Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
Mitigation: We recommend upgrading to a version of this component that is not vulnerable to this specific issue.
Related links:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0230
  http://tomcat.apache.org/security-8.html
Project Category: n/a
Tags: data, operational
Date Disclosed: 2015-06-07
Date Discovered: 2013-12-03