Lucene search

[email protected]NVD:CVE-2020-13954

HistoryNov 12, 2020 - 1:15 p.m.

CVE-2020-13954

2020-11-1213:15:11

CWE-79

[email protected]

web.nvd.nist.gov

apache cxf

services page

reflected cross-site scripting

xss

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.19

Percentile

96.4%

JSON

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject javascript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue to CVE-2019-17573.

Affected configurations

Nvd

Node

apachecxfRange<3.3.8

apachecxfRange3.4.0–3.4.1

Node

netappsnap_creator_frameworkMatch-

netappvasa_provider_for_clustered_data_ontapRange9.6≥

Node

oraclebusiness_intelligenceMatch5.5.0.0.0enterprise

oraclebusiness_intelligenceMatch5.9.0.0.0enterprise

oraclebusiness_intelligenceMatch12.2.1.3.0enterprise

oraclebusiness_intelligenceMatch12.2.1.4.0enterprise

oracleretail_order_broker_cloud_serviceMatch15.0

oraclecommunications_messaging_serverMatch8.0.2

oraclecommunications_messaging_serverMatch8.1

VendorProductVersionCPE
apachecxf*cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
netappsnap_creator_framework-cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
netappvasa_provider_for_clustered_data_ontap*cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*
oraclebusiness_intelligence5.5.0.0.0cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*
oraclebusiness_intelligence5.9.0.0.0cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*
oraclebusiness_intelligence12.2.1.3.0cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*
oraclebusiness_intelligence12.2.1.4.0cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
oracleretail_order_broker_cloud_service15.0cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*
oraclecommunications_messaging_server8.0.2cpe:2.3:o:oracle:communications_messaging_server:8.0.2:*:*:*:*:*:*:*
oraclecommunications_messaging_server8.1cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apache	cxf	*	cpe:2.3:a:apache:cxf::::::::
netapp	snap_creator_framework	-	cpe:2.3:a:netapp:snap_creator_framework:-:::::::*
netapp	vasa_provider_for_clustered_data_ontap	*	cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap::::::::
oracle	business_intelligence	5.5.0.0.0	cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0::::enterprise:::
oracle	business_intelligence	5.9.0.0.0	cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::
oracle	business_intelligence	12.2.1.3.0	cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0::::enterprise:::
oracle	business_intelligence	12.2.1.4.0	cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::
oracle	retail_order_broker_cloud_service	15.0	cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:::::::*
oracle	communications_messaging_server	8.0.2	cpe:2.3:o:oracle:communications_messaging_server:8.0.2:::::::*
oracle	communications_messaging_server	8.1	cpe:2.3:o:oracle:communications_messaging_server:8.1:::::::*