Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM4DFE5A6ED234327248E8451B57200F8C7A68429EC3CCCB0DFECC6728217B38C9
HistoryJun 30, 2023 - 9:23 a.m.

Security Bulletin: Multiple vulnerabilities affect the IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit

2023-06-3009:23:53
www.ibm.com
43

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.871 High

EPSS

Percentile

98.6%

JSON

Summary

The IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit are vulnerable, as per the CVEs listed in the Vulnerability Details section. These vulnerabilities affect some development tasks in the product toolkit. [CVE-2022-29599] and [CVE-2020-10683] only affect Test and Java projects if they have been configured to be a Maven project. The resolving fix has been provided in the Remediation Fixes table

Vulnerability Details

CVEID:CVE-2020-10683
**DESCRIPTION:**dom4j could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending specially crafted XML data, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/181356 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2018-8032
**DESCRIPTION:**Apache Axis is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the default servlet/services. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/147823 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:CVE-2014-3596
**DESCRIPTION:**Apache Axis and Axis2 could allow a remote attacker to conduct spoofing attacks, caused by and incomplete fix related to the failure to verify that the server hostname matches a domain name in the subject’s Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/95377 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:CVE-2019-0227
**DESCRIPTION:**Apache Axis is vulnerable to server-side request forgery, caused by an expired hard coded domain, used in a default example service named StockQuoteService.jws. By using a man-in-the-middle attack to force an HTTP request, a remote attacker could exploit this vulnerability to conduct an SSRF attack, allowing the attacker to execute arbitrary code on the system.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/159283 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2012-5784
**DESCRIPTION:**Apache Axis 1.4, as used in multiple products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject’s Common Name (CN) field of the X.509 certificate. An attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server and launch further attacks against a vulnerable target.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/79829 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:CVE-2021-28165
**DESCRIPTION:**Eclipse Jetty is vulnerable to a denial of service, caused by improper input valistion. By sending a specially-crafted TLS frame, a remote attacker could exploit this vulnerability to cause CPU resources to reach to 100% usage.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/199305 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2023-26049
**DESCRIPTION:**Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw during nonstandard cookie parsing. By sending a specially crafted request to tamper with the cookie parsing mechanism, an attacker could exploit this vulnerability to obtain values from other cookies, and use this information to launch further attacks against the affected system.
CVSS Base score: 4.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/253355 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N)

CVEID:CVE-2010-2232
**DESCRIPTION:**Apache Derby could allow a remote attacker to overwrite arbitrary files, caused by a flaw in the Export functionality. An attacker could exploit this vulnerability to overwrite arbitrary files on the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/134130 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2015-1832
**DESCRIPTION:**Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML datatype and XmlVTI. An attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
CVSS Base score: 6.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/115625 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:P)

CVEID:CVE-2009-4269
**DESCRIPTION:**Apache Derby could allow a remote attacker to obtain sensitive information, caused by the reduction of the size of the set of inputs to SHA-1 by the password hash generation algorithm managed by the BUILTIN authentication functionality. By generating hash collisions, a remote attacker could exploit this vulnerability to crack passwords and obtain sensitive information.
CVSS Base score: 2.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/61202 for the current score.
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVEID:CVE-2021-28169
**DESCRIPTION:**Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the ConcatServlet. By sending a specially-crafted request using a doubly encoded path, an attacker could exploit this vulnerability to obtain sensitive information from protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/203492 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2022-2047
**DESCRIPTION:**Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the HttpURI class. By sending a specially-crafted request, an attacker could exploit this vulnerability to the HttpClient and ProxyServlet/AsyncProxyServlet/AsyncMiddleManServlet wrongly interpreting an authority with no host as one with a host.
CVSS Base score: 2.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/230668 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2020-27223
**DESCRIPTION:**Eclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request containing multiple Accept headers with a large number of quality parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust minutes of CPU time.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197559 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2022-40146
**DESCRIPTION:**Apache Batik is vulnerable to server-side request forgery, caused by a flaw in the DefaultScriptSecurity function. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to access files using a Jar url.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236847 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2022-38648
**DESCRIPTION:**Apache Batik is vulnerable to server-side request forgery, caused by a flaw when calling the fop function. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to fetch external resources.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236846 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2022-38398
**DESCRIPTION:**Apache Batik is vulnerable to server-side request forgery, caused by a flaw in the DefaultExternalResourceSecurity function. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to load a url thru the jar protocol.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/236845 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2022-29599
**DESCRIPTION:**maven-shared-utils could allow a remote attacker to execute arbitrary commands on the system, caused by the emission of double-quoted strings without proper escaping by the Commandline class. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/225489 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2020-13936
**DESCRIPTION:**Apache Velocity could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox bypass flaw. By modifying the Velocity templates, an attacker could exploit this vulnerability to execute arbitrary code with the same privileges as the account running the Servlet container.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/197993 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM App Connect Enterprise Toolkit 12.0.1.0 - 12.0.8.0
IBM App Connect Enterprise Toolkit 11.0.0.1 - 11.0.0.20
IBM Integration Bus Toolkit 10.1

Remediation/Fixes

IBM strongly recommends addressing the vulnerability/vulnerabilities now by applying the appropriate fix to IBM App Connect Enterprise and IBM Integration Bus.

Affected Product(s) Version(s) APAR Remediation / Fix
IBM App Connect Enterprise Toolkit 12.0.1.0 - 12.0.8.0 IT43697

Interim fix for APAR (IT43697) is available to apply to 12.0.8.0 from

IBM Fix Central

IBM App Connect Enterprise Toolkit | 11.0.0.1 - 11.0.0.20| IT43697|

Interim fix for APAR (IT43697) is available to apply to 11.0.0.20 from

IBM Fix Central

IBM Integration Bus Toolkit| 10.1| IT43697|

Interim fix for APAR (IT43697) is available to apply to 10.1 from

IBM Fix Central

Workarounds and Mitigations

None

Related

ibm 25
suse 4
prion 9
nessus 43
f5 4
openvas 23
veracode 7
debiancve 6
cve 6
ubuntucve 7
debian 4
osv 16
github 9
mageia 6
amazon 4
ubuntu 2
redhatcve 6
gitlab 2
oraclelinux 3
redhat 5
centos 1
symantec 1
fedora 2
githubexploit 2
atlassian 1
zdi 1
ibm
ibm
Security Bulletin: Multiple Vulnerabilities found in Axis.jar V1.x may affect IBM Content Collector for SAP Applications
2021-03-26 17:24:42
Security Bulletin: Multiple vulnerabilities in Apache Axis affect IBM Maximo Asset Management and the IBM Maximo Manage application in IBM Maximo Application Suite
2023-02-02 21:04:46
Security Bulletin: There are several vulnerabilities in Apache Batik used by IBM Jazz Reporting Service (CVE-2022-40146, CVE-2022-38648, CVE-2022-38398)
2023-10-04 10:44:16
suse
suse
Security update for axis (moderate)
2019-06-03 00:00:00
Security update for axis (moderate)
2019-06-07 00:00:00
Security update for jetty-minimal (important)
2021-07-11 00:00:00
prion
prion
Code injection
2014-08-27 00:55:00
Design/Logic Flaw
2021-02-26 22:15:00
Design/Logic Flaw
2010-08-16 20:00:00
nessus
nessus
Debian DLA-169-1 : axis security update
2015-03-26 00:00:00
openSUSE Security Update : axis (openSUSE-2019-1526)
2019-06-10 00:00:00
F5 Networks BIG-IP : Apache Axis vulnerability (SOL16821)
2016-09-02 00:00:00
f5
f5
K16821 : Apache Axis vulnerability CVE-2014-3596
2015-11-11 00:00:00
SOL16821 - Apache Axis vulnerability CVE-2014-3596
2015-06-29 00:00:00
SOL14371 - Apache Axis vulnerability CVE-2012-5784
2013-05-06 00:00:00
openvas
openvas
CentOS Update for axis CESA-2014:1193 centos5
2014-09-16 00:00:00
openSUSE: Security Advisory for axis (openSUSE-SU-2019:1497-1)
2019-06-04 00:00:00
openSUSE: Security Advisory for axis (openSUSE-SU-2019:1526-1)
2019-06-08 00:00:00
veracode
veracode
Man In The Middle (MitM) Attacks Are Possible With Spoofed SSL Servers
2019-01-15 09:01:11
Denial Of Service(DoS)
2021-03-01 03:37:45
Remote Code Execution
2021-03-04 04:14:51
debiancve
debiancve
CVE-2014-3596
2014-08-27 00:55:00
CVE-2022-38398
2022-09-22 15:15:00
CVE-2009-4269
2010-08-16 20:00:00
cve
cve
CVE-2014-3596
2014-08-27 00:55:00
CVE-2020-13936
2021-03-10 08:15:00
CVE-2018-8032
2018-08-02 13:29:00
ubuntucve
ubuntucve
CVE-2014-3596
2014-08-27 00:00:00
CVE-2012-5784
2012-11-04 00:00:00
CVE-2018-8032
2018-08-02 00:00:00
debian
debian
[SECURITY] [DLA 169-1] axis security update
2015-03-10 18:47:07
[SECURITY] [DLA 3619-1] batik security update
2023-10-14 22:16:33
[SECURITY] [DLA 2821-1] axis security update
2021-11-17 11:35:47
osv
osv
axis - security update
2015-03-10 00:00:00
Improper Validation of Certificates in apache axis
2018-10-16 20:50:58
batik - security update
2023-10-14 00:00:00
github
github
Improper Validation of Certificates in apache axis
2018-10-16 20:50:58
Apache Batik Server-Side Request Forgery
2022-09-23 00:00:39
Improper Access Control in Apache Derby
2022-05-17 00:29:52
mageia
mageia
Updated batik packages fix security vulnerabilities
2024-03-16 19:28:17
Updated axis packages fix security vulnerability
2018-11-03 14:55:18
Updated axis packages fix CVE-2014-3596
2014-12-26 20:04:58
amazon
amazon
Important: batik
2023-03-02 21:49:00
Important: batik
2023-03-02 20:21:00
Important: axis
2014-09-17 21:47:00
ubuntu
ubuntu
Apache Batik vulnerabilities
2023-05-30 00:00:00
Velocity Engine vulnerability
2023-08-10 00:00:00
redhatcve
redhatcve
CVE-2018-8032
2018-08-02 21:18:45
CVE-2020-27223
2021-03-02 15:02:57
CVE-2022-38648
2022-12-20 17:05:08
gitlab
gitlab
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2018-10-16 00:00:00
Improper Input Validation
2020-10-07 00:00:00
oraclelinux
oraclelinux
axis security update
2014-09-15 00:00:00
axis security update
2013-03-25 00:00:00
axis security update
2013-02-19 00:00:00
redhat
redhat
(RHSA-2015:1010) Important: Red Hat JBoss Portal 6.2.0 security update
2015-05-14 15:13:19
(RHSA-2014:1193) Important: axis security update
2014-09-15 00:00:00
(RHSA-2013:0683) Moderate: axis security update
2013-03-25 00:00:00
centos
centos
axis security update
2014-09-15 16:46:18
symantec
symantec
Apache Axis CVE-2018-8032 Cross-Site Scripting Vulnerability
2018-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: axis-1.4-19.fc17
2013-02-01 17:16:41
[SECURITY] Fedora 27 Update: axis-1.4-35.fc27
2018-08-23 09:46:20
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Apache Batik
2022-11-01 03:41:36
Exploit for Uncontrolled Resource Consumption in Eclipse Jetty
2021-03-19 03:50:45
atlassian
atlassian
org.apache.velocity Vulnerability in Bitbucket Data Center and Server
2023-09-26 16:12:29
zdi
zdi
Apache Batik DefaultScriptSecurity Server-Side Request Forgery Remote Code Execution Vulnerability
2022-10-04 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.871 High

EPSS

Percentile

98.6%

JSON
Related for 4DFE5A6ED234327248E8451B57200F8C7A68429EC3CCCB0DFECC6728217B38C9
ibm25suse4prion9nessus43f54openvas23veracode7debiancve6cve6ubuntucve7debian4osv16github9mageia6amazon4ubuntu2redhatcve6gitlab2oraclelinux3redhat5centos1symantec1fedora2githubexploit2atlassian1zdi1