An XML External Entity (XXE) Injection vulnerability was found in the Commons Jelly library. If a custom `doctype` declares a `SYSTEM` entity with a URL and that entity is referenced in the body of the Jelly file, the parser will attempt to connect to the provided URL when the file is parsed.
{"id": "RH:CVE-2017-12621", "vendorId": null, "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2017-12621", "description": "An XML External Entity (XXE) Injection vulnerability was found in Commons Jelly library. If a custom `doctype` entity is declared with a `SYSTEM` entity with a URL and that entity is used in the body of the Jelly file, the parser will attempt to connect to provided URL.\n", "published": "2021-06-10T18:23:02", "modified": "2022-07-07T08:54:23", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/security/cve/cve-2017-12621", "reporter": "redhat.com", "references": ["https://www.securitytracker.com/id/1039444", "https://bugzilla.redhat.com/show_bug.cgi?id=1970584"], "cvelist": ["CVE-2017-12621"], "immutableFields": [], "lastseen": "2022-07-07T11:11:56", "viewCount": 37, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2017-12621"]}, {"type": "github", "idList": ["GHSA-6G33-82GC-3PW5"]}, {"type": "osv", "idList": ["OSV:GHSA-6G33-82GC-3PW5"]}, {"type": "ubuntucve", "idList": 
["UB:CVE-2017-12621"]}]}, "score": {"value": 4.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2017-12621"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-12621"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2017-12621", "epss": "0.003190000", "percentile": "0.658340000", "modified": "2023-03-17"}], "vulnersScore": 4.0}, "_state": {"dependencies": 1660004461, "score": 1698842189, "epss": 1679073339}, "_internal": {"score_hash": "91a0bdea88e12007f82a0618d638a688"}, "vendorCvss": {"score": "9.8", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}
{"osv": [{"lastseen": "2023-04-11T01:35:53", "description": "During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a \"SYSTEM\" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. This could lead to XML External Entity (XXE) attacks in Apache Commons Jelly before 1.0.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-17T00:34:13", "type": "osv", "title": "Improper Restriction of XML External Entity Reference in Jelly", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2023-04-11T01:35:48", "id": "OSV:GHSA-6G33-82GC-3PW5", "href": "https://osv.dev/vulnerability/GHSA-6g33-82gc-3pw5", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-12-03T14:38:40", "description": "During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a \"SYSTEM\" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect 
to said URL. This could lead to XML External Entity (XXE) attacks in Apache Commons Jelly before 1.0.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-28T01:29:00", "type": "cve", "title": "CVE-2017-12621", "cwe": ["CWE-611"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2023-11-07T02:38:00", "cpe": [], "id": "CVE-2017-12621", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12621", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": []}], "veracode": [{"lastseen": "2023-04-18T16:12:45", "description": "Apache commons-jelly is vulnerable to XML external entity (XXE). 
When jelly XML files are parsed with a custom `doctype` declared as a `SYSTEM` entity with a URL at the beginning of the file, the parser will connect to the URL at instantiation.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-28T03:17:39", "type": "veracode", "title": "XML External Entity (XXE)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2023-02-09T17:23:09", "id": "VERACODE:5182", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-5182/summary", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-12-02T15:08:39", "description": "During Jelly (xml) file parsing with Apache Xerces, if a custom doctype\nentity is declared with a \"SYSTEM\" entity with a URL and that entity is\nused in the body of the Jelly file, during parser instantiation the parser\nwill attempt to connect to said URL. 
This could lead to XML External Entity\n(XXE) attacks in Apache Commons Jelly before 1.0.1.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[msalvatore](<https://launchpad.net/~msalvatore>) | Eventhough the version of jenkins-commons-jelly in trusty and xenial is 1.1, the fix is still needed.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-09-28T00:00:00", "type": "ubuntucve", "title": "CVE-2017-12621", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2017-09-28T00:00:00", "id": "UB:CVE-2017-12621", "href": "https://ubuntu.com/security/CVE-2017-12621", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "github": [{"lastseen": "2023-12-03T17:27:46", "description": "During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a \"SYSTEM\" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. 
This could lead to XML External Entity (XXE) attacks in Apache Commons Jelly before 1.0.1.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-17T00:34:13", "type": "github", "title": "Improper Restriction of XML External Entity Reference in Jelly", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2023-02-15T20:03:39", "id": "GHSA-6G33-82GC-3PW5", "href": "https://github.com/advisories/GHSA-6g33-82gc-3pw5", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T03:01:24", "description": "During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a \"SYSTEM\" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. 
This could lead to XML External Entity (XXE) attacks in Apache Commons Jelly before 1.0.1.", "cvss3": {"cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}}, "published": "2017-09-28T01:29:00", "type": "prion", "title": "Xxe", "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12621"], "modified": "2023-02-09T16:14:00", "id": "PRION:CVE-2017-12621", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2017-12621", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ibm": [{"lastseen": "2023-12-03T17:52:44", "description": "## Summary\n\nIn addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF024 and 23.0.1-IF002.\n\n## Vulnerability Details\n\n**CVEID: **[CVE-2021-33813](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) \n**DESCRIPTION: **JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203804](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203804>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-1428](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) \n**DESCRIPTION: **gRPC is vulnerable to a denial of service. By sending a specially crafted header, an attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258439>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-32731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) \n**DESCRIPTION: **gRPC could allow a remote attacker to obtain sensitive information, caused by a flaw when gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n**CVEID: **[CVE-2023-32732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) \n**DESCRIPTION: **gRPC is vulnerable to a denial of service, caused by a base64 encoding error for \"-bin\" suffixed headers. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a termination of connection between a HTTP2 proxy and a gRPC server, and results in a denial of service condition. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-34453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the shuffle function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by the use of an unchecked chunk length in the hasNextChunk function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-34454](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) \n**DESCRIPTION: **snappy-java is vulnerable to a denial of service, caused by an integer overflow in the compress function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258188](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258188>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID: **[CVE-2023-33858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) \n**DESCRIPTION: **IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/257696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/257696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2023-35899](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>) \n**DESCRIPTION: **IBM ICP4A - Business Automation Insights Core is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. \nCVSS Base score: 7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/259354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/259354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2022-41862](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>) \n**DESCRIPTION: **PostgreSQL could allow a remote attacker to obtain sensitive information, caused by a client memory disclosure flaw. By sending an unterminated string during the establishment of Kerberos transport encryption, an attacker could exploit this vulnerability to obtain sensitive information. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/248100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/248100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2023-24815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) \n**DESCRIPTION: **Eclipse Vert.x-Web could allow a remote attacker to obtain sensitive information, caused by a flaw when mounted on a wildcard route. By sending a specially-crafted request, an attacker could exploit this vulnerability to exfiltrate any class path resource, and use this information to launch further attacks against the affected system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/247027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/247027>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n**CVEID: **[CVE-2022-25883](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) \n**DESCRIPTION: **Node.js semver package is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the new Range function. By providing specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/258647](<https://exchange.xforce.ibmcloud.com/vulnerabilities/258647>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2023-26115](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) \n**DESCRIPTION: **Node.js word-wrap module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the result variable. 
By sending a specially crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/256901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2020-8908](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) \n**DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2012-5783](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) \n**DESCRIPTION: **Apache Commons HttpClient, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, could allow a remote attacker to conduct spoofing attacks, caused by the failure to verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate. By persuading a victim to visit a Web site containing a specially-crafted certificate, an attacker could exploit this vulnerability using man-in-the-middle techniques to spoof an SSL server. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/79984](<https://exchange.xforce.ibmcloud.com/vulnerabilities/79984>) for the current score. 
\nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n**CVEID: **[CVE-2020-13956](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) \n**DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n**CVEID: **[CVE-2017-12621](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>) \n**DESCRIPTION: **Apache Commons Jelly could allow a remote attacker to bypass security restrictions, caused by improper handling of XML External Entity (XXE) entries when parsing to an XML file. By persuading a victim to open a jelly file containing a specially crafted custom doctype entity in a SYSTEM entity that contains a URL, an attacker could exploit this vulnerability to conduct XML External Entity (XXE) attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132761](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132761>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2022-22976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>) \n**DESCRIPTION: **Spring Security could provide weaker than expected security, caused by an integer overflow vulnerability which results in a lack of salt rounds when using the BCrypt class with the maximum work factor. A local authenticated attacker could exploit this vulnerability to launch further attacks on the system. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N) \n \n**CVEID: **[CVE-2016-1000027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) \n**DESCRIPTION: **Pivota Spring Framework could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw in the library. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/174367](<https://exchange.xforce.ibmcloud.com/vulnerabilities/174367>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n**CVEID: **[CVE-2020-7760](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) \n**DESCRIPTION: **Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190938](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190938>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n**CVEID: **[CVE-2015-9251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. 
An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2019-11358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) \n**DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2020-11023](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) \n**DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n**CVEID: **[CVE-2021-26291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>) \n**DESCRIPTION: **Apache Maven could allow a remote attacker to bypass security restrictions, caused by the use of http (non-SSL) repository references by default. By sending a specially-crafted request, an attacker could exploit this vulnerability to take over the repository or to insert themselves into a position to pretend to be that repository. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200608](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200608>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n**IBM X-Force ID: **256137 \n**DESCRIPTION: **FasterXML Jackson Core is vulnerable to a denial of service, caused by improper input validation by the StreamReadConstraints value field. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. 
\nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/256137 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/256137>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s) | Version(s) | Status \n---|---|--- \nIBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | affected \nIBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | affected \nIBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF006 and later fixes \nV22.0.1 - V22.0.1-IF006 and later fixes \nV21.0.2 - V21.0.2-IF012 and later fixes \nV21.0.1 - V21.0.1-IF007 and later fixes \nV20.0.1 - V20.0.3 and later fixes \nV19.0.1 - V19.0.3 and later fixes \nV18.0.0 - V18.0.2 and later fixes | affected \n \n## Remediation/Fixes\n\nAny open source library may be included in one or more sub-components of IBM Cloud Pak for Business Automation. Open source updates are not always synchronized across all components. 
The CVE in this bulletin are specifically addressed by\n\nCVE ID | Addressed in component \n---|--- \nCVE-2012-5783 | Automation Decision Services \nCVE-2015-9251 | Automation Decision Services \nCVE-2016-1000027 | Automation Decision Services \nCVE-2017-12621 | Automation Decision Services \nCVE-2019-11358 | Automation Decision Services \nCVE-2020-11022 | Automation Decision Services \nCVE-2020-11023 | Automation Decision Services \nCVE-2020-13956 | Automation Decision Services \nCVE-2020-7760 | Automation Decision Services \nCVE-2020-8908 | Automation Decision Services \nCVE-2021-26291 | Automation Decision Services \nCVE-2021-33813 | Business Automation Workflow, Business Automation Studio \nCVE-2022-22976 | Automation Decision Services \nCVE-2022-25883 | Business Automation Application \nCVE-2022-41862 | Operational Decision Manager \nCVE-2023-1428 | Automation Decision Services \nCVE-2023-24815 | Automation Decision Services \nCVE-2023-26115 | Business Automation Application \nCVE-2023-32731 | Automation Decision Services \nCVE-2023-32732 | Automation Decision Services \nCVE-2023-33858 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34453 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34454 | Business Automation Workflow, Business Automation Studio \nCVE-2023-34455 | Business Automation Workflow, Business Automation Studio \nCVE-2023-35899 | Business Automation Insights \nPRISMA-2023-0067 | Business Automation Insights \n \nAffected Product(s) | Version(s) | Remediation / Fix \n---|---|--- \nIBM Cloud Pak for Business Automation | V23.0.1 - V23.0.1-IF001 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V22.0.2 - V22.0.2-IF005 | Apply security fix [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V21.0.3 - V21.0.3-IF023 | Apply security fix 
[21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> \"21.0.3-IF024\" ) or upgrade to [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \nIBM Cloud Pak for Business Automation | V21.0.1 - V21.0.1-IF008 \nV20.0.1 - V20.0.3 \nV19.0.1 - V19.0.3 \nV18.0.0 - V18.0.2 | Upgrade to [21.0.3-IF024](<https://www.ibm.com/support/pages/node/7017500> \"21.0.3-IF024\" ) or [23.0.1-IF002](<https://www.ibm.com/support/pages/node/7025263> \"23.0.1-IF002\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-09-01T19:56:42", "type": "ibm", "title": "Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2023", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5783", "CVE-2015-9251", "CVE-2016-1000027", "CVE-2017-12621", "CVE-2019-11358", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-13956", "CVE-2020-7760", "CVE-2020-8908", "CVE-2021-26291", "CVE-2021-33813", "CVE-2022-22976", "CVE-2022-25883", "CVE-2022-41862", "CVE-2023-1428", 
"CVE-2023-24815", "CVE-2023-26115", "CVE-2023-32731", "CVE-2023-32732", "CVE-2023-33858", "CVE-2023-34453", "CVE-2023-34454", "CVE-2023-34455", "CVE-2023-35899"], "modified": "2023-09-01T19:56:42", "id": "D1C70BE32DEEA561F5BD20121B6CE6B04522C3B0A34D7DF273B2AA52F0E58277", "href": "https://www.ibm.com/support/pages/node/7030357", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
