CVSS3 base score: 9.8 (High)
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS2 base score: 9 (High)
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS score: 0.973 (High)
EPSS Percentile: 99.9%
Red Hat Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform.
This release of Red Hat Fuse 7.1 serves as a replacement for Red Hat Fuse 7.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
Apache Struts 1: Class Loader manipulation via request parameters (CVE-2014-0114)
thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands (CVE-2016-5397)
slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
jolokia: JMX proxy mode vulnerable to remote code execution (CVE-2018-1000130)
bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data (CVE-2016-1000338)
bouncycastle: Information leak in AESFastEngine class (CVE-2016-1000339)
bouncycastle: Information exposure in DSA signature generation via timing attack (CVE-2016-1000341)
bouncycastle: ECDSA improper validation of ASN.1 encoding of signature (CVE-2016-1000342)
bouncycastle: DHIES implementation allowed the use of ECB mode (CVE-2016-1000344)
bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack (CVE-2016-1000345)
bouncycastle: Other party DH public keys are not fully validated (CVE-2016-1000346)
bouncycastle: ECIES implementation allowed the use of ECB mode (CVE-2016-1000352)
async-http-client: Invalid URL parsing with ‘?’ (CVE-2017-14063)
undertow: File descriptor leak caused by JarURLConnection.getLastModified() allows attacker to cause a denial of service (CVE-2018-1114)
spring-framework: Directory traversal vulnerability with static resources on Windows filesystems (CVE-2018-1271)
tika: Infinite loop in BPGParser can allow remote attacker to cause a denial of service (CVE-2018-1338)
tika: Infinite loop in ChmParser can allow remote attacker to cause a denial of service (CVE-2018-1339)
pdfbox: Infinite loop in AFMParser.java allows for out of memory errors via crafted PDF (CVE-2018-8036)
jolokia: Cross site scripting in the HTTP servlet (CVE-2018-1000129)
bouncycastle: flaw in the low-level interface to RSA key pair generator (CVE-2018-1000180)
bouncycastle: Carry propagation bug in math.raw.Nat??? class (CVE-2016-1000340)
bouncycastle: DSA key pair generator generates a weak private key by default (CVE-2016-1000343)
spring-framework: Multipart content pollution (CVE-2018-1272)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Chris McCown for reporting CVE-2018-8088.