CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-2589 – hawtio: Proxy is sharing cookies among all the clients
https://notcve.org/view.php?id=CVE-2017-2589
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. Se ha descubierto que el servlet 1.4 de hawtio utiliza una única instancia HttpClient para las peticiones del proxy con un almacén de cookies persistente (las cookies se almacenan localmente y no se pasan entre el cliente y la URL final), lo que significa que todos los clientes que utilicen ese proxy están compartiendo las mismas cookies. It was discovered that the hawtio servlet uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. • https://access.redhat.com/errata/RHSA-2017:1832 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2589 https://access.redhat.com/security/cve/CVE-2017-2589 https://bugzilla.redhat.com/show_bug.cgi?id=1413905 • CWE-285: Improper Authorization •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2016-1000229 – swagger-ui: cross-site scripting in key names
https://notcve.org/view.php?id=CVE-2016-1000229
swagger-ui has XSS in key names swagger-ui presenta una vulnerabilidad de tipo XSS en nombres claves. It was found that swagger-ui contains a cross site scripting (XSS) vulnerability in the key names in the JSON document. An attacker could use this flaw to supply a key name with script tags which could cause arbitrary code execution. Additionally it is possible to load the arbitrary JSON files remotely via the URL query-string parameter. • https://github.com/ossf-cve-benchmark/CVE-2016-1000229 http://www.securityfocus.com/bid/97580 https://access.redhat.com/errata/RHSA-2017:0868 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000229 https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000229.json https://access.redhat.com/security/cve/CVE-2016-1000229 https://bugzilla.redhat.com/show_bug.cgi?id=1360275 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 97%CPEs: 4EXPL: 6CVE-2016-4437 – Apache Shiro Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-4437
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. Apache Shiro en versiones anteriores a 1.2.5, cuando una clave de cifrado no ha sido configurada por la característica "remember me", permite a atacantes remotos ejecutar código arbitrario o eludir las restricciones destinadas al acceso a través de un parámetro request no especificado. It was found that Apache Shiro uses a default cipher key for its "remember me" feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content. Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature. • https://www.exploit-db.com/exploits/48410 https://github.com/pizza-power/CVE-2016-4437 https://github.com/xk-mt/CVE-2016-4437 https://github.com/m3terpreter/CVE-2016-4437 http://packetstormsecurity.com/files/137310/Apache-Shiro-1.2.4-Information-Disclosure.html http://packetstormsecurity.com/files/157497/Apache-Shiro-1.2.4-Remote-Code-Execution.html http://rhn.redhat.com/errata/RHSA-2016-2035.html http://rhn.redhat.com/errata/RHSA-2016-2036.html http://www.securityfocus.com&# • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 1%CPEs: 19EXPL: 1CVE-2015-7501 – apache-commons-collections: InvokerTransformer code execution during deserialisation
https://notcve.org/view.php?id=CVE-2015-7501
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x y 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x y 5.x; Enterprise Application Platform 6.x, 5.x y 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x y Red Hat Subscription Asset Manager 1.3 permiten que atacantes remotos ejecuten comandos arbitrarios mediante un objeto Java serializado manipulado. Esto está relacionado con la librería ACC (Apache Commons Collections). It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library. • https://github.com/ianxtianxt/CVE-2015-7501 http://rhn.redhat.com/errata/RHSA-2015-2500.html http://rhn.redhat.com/errata/RHSA-2015-2501.html http://rhn.redhat.com/errata/RHSA-2015-2502.html http://rhn.redhat.com/errata/RHSA-2015-2514.html http://rhn.redhat.com/errata/RHSA-2015-2516.html http://rhn.redhat.com/errata/RHSA-2015-2517.html http://rhn.redhat.com/errata/RHSA-2015-2521.html http://rhn.redhat.com/errata/RHSA-2015-2522.html http://rhn.redhat. • CWE-284: Improper Access Control CWE-502: Deserialization of Untrusted Data •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8175 – Fuse: insufficient access permissions checks when accessing Hawtio console
https://notcve.org/view.php?id=CVE-2014-8175
Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file. Red Hat JBoss Fuse anterior a 6.2.0 permite a usuarios remotos autenticados evadir las restricciones y acceder a la consola HawtIO mediante el aprovechamiento de una cuenta definida en el fichero de propiedades de usuarios. It was found that JBoss Fuse would allow any user defined in the users.properties file to access the HawtIO console without having a valid admin role. This could allow a remote attacker to bypass intended authentication HawtIO console access restrictions. • http://rhn.redhat.com/errata/RHSA-2015-1176.html http://rhn.redhat.com/errata/RHSA-2015-1177.html https://access.redhat.com/security/cve/CVE-2014-8175 https://bugzilla.redhat.com/show_bug.cgi?id=1205112 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •