Описание
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
A flaw was found in Apache Commons Net's FTP, where the client trusts the host from PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This issue could lead to leakage of information about services running on the private network of the client.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| A-MQ Clients 2 | apache-commons-net | Not affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch6-rhel8 | Not affected | ||
| Migration Toolkit for Applications 6 | io.netty-netty-tcnative-parent | Will not fix | ||
| Migration Toolkit for Applications 6 | org.jboss.windup-windup-parent | Not affected | ||
| Migration Toolkit for Runtimes | io.netty-netty-tcnative-parent | Will not fix | ||
| Migration Toolkit for Runtimes | org.jboss.windup-windup-parent | Not affected | ||
| OpenShift Developer Tools and Services | jenkins-2-plugins | Affected | ||
| Red Hat Data Grid 8 | apache-commons-net | Will not fix | ||
| Red Hat Decision Manager 7 | apache-commons-net | Not affected | ||
| Red Hat Enterprise Linux 7 | apache-commons-net | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host fr ...
Apache Commons Net vulnerable to information leakage via malicious server
Уязвимость компонента FTP Client библиотеки Apache Commons Net, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и осуществить CSRF-атаку
EPSS
6.5 Medium
CVSS3