CVE-2018-8039

Опубликовано: 02 июл. 2018

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.

Ссылки

http://cxf.apache.org/security-advisories.data/CVE-2018-8039.txt.asc?version=1&modificationDate=1530184663000&api=v2
Mailing List
Vendor Advisory
http://www.securityfocus.com/bid/106357
http://www.securitytracker.com/id/1041199
Third Party Advisory
VDB Entry
https://access.redhat.com/errata/RHSA-2018:2276
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2277
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2279
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2423
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2424
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2425
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2428
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2643
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3768
https://access.redhat.com/errata/RHSA-2018:3817
https://github.com/apache/cxf/commit/fae6fabf9bd7647f5e9cb68897a7d72b545b741b
Patch
Third Party Advisory
https://lists.apache.org/thread.html/1f8ff31df204ad0374ab26ad333169e0387a5e7ec92422f337431866%40%3Cdev.cxf.apache.org%3E
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*

Версия до 3.1.16 (исключая)

cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*

Версия от 3.2.0 (включая) до 3.2.5 (исключая)

Конфигурация 2

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02634

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-755

Связанные уязвимости

CVE-2018-8039

CVSS3: 6.5

redhat

больше 7 лет назад

GHSA-jc7r-v6fg-2gpf

CVSS3: 8.1

github

больше 7 лет назад

Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.*

BDU:2020-00626

CVSS3: 8.1

fstec

почти 7 лет назад

Уязвимость компонента com.sun.net.ssl каркаса для веб-сервисов Apache CXF, позволяющая нарушителю реализовать атаку типа «человек посередине»

EPSS

Процентиль: 85%

0.02634

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-755