exploitDog

CVE-2017-7465

Published: 11 Apr 2017
Source: redhat
CVSS3: 9
CVSS2: 5.1
EPSS: Low

Description

It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing. Doing a transform in JAXP requires the use of a 'javax.xml.transform.TransformerFactory'. If the FEATURE_SECURE_PROCESSING feature is set to 'true', it mitigates this vulnerability.
Mitigation

Doing a transform in JAXP requires the use of a 'javax.xml.transform.TransformerFactory'. If the FEATURE_SECURE_PROCESSING feature is set to 'true', it mitigates this vulnerability. For example:

    TransformerFactory factory = TransformerFactory.newInstance();
    factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);

Affected packages

Platform | Package | Status | Advisory | Release
Red Hat JBoss Enterprise Application Platform 7 | org.jboss.eap-jboss-eap-parent | Will not fix | - | -
Red Hat JBoss Enterprise Web Server 3 | tomcat | Not affected | - | -
Red Hat Mobile Application Platform 4 | security | Not affected | - | -
EAP-CD 14 Tech Preview | XML Frameworks | Fixed | RHSA-2020:2563 | 15.06.2020

Additional information

Status: Important
Weakness: CWE-611
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1439980
JBoss: JAXP in EAP 7.0 allows RCE via XSL

EPSS: 0.03501 (percentile 87%, Low)
CVSS3: 9 Critical
CVSS2: 5.1 Medium

Related vulnerabilities

CVSS3: 9
nvd
more than 7 years ago


CVSS3: 9.8
github
more than 3 years ago
