Vulnerability-Lookup

CVE-2013-2185 (GCVE-0-2013-2185)

Vulnerability from cvelistv5 – Published: 2014-01-19 16:00 – Updated: 2024-08-06 15:27 Disputed

Summary

The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.openwall.com/lists/oss-security/2013/09/05/4	mailing-listx_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2013-1193.html	vendor-advisoryx_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2013-1265.html	vendor-advisoryx_refsource_REDHAT
	http://openwall.com/lists/oss-security/2014/10/24/12	mailing-listx_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2013-1194.html	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:27:41.116Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
          },
          {
            "name": "RHSA-2013:1193",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
          },
          {
            "name": "RHSA-2013:1265",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
          },
          {
            "name": "[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
          },
          {
            "name": "RHSA-2013:1194",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-09-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-11-11T23:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
        },
        {
          "name": "RHSA-2013:1193",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
        },
        {
          "name": "RHSA-2013:1265",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
        },
        {
          "name": "[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
        },
        {
          "name": "RHSA-2013:1194",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-2185",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
            },
            {
              "name": "RHSA-2013:1193",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
            },
            {
              "name": "RHSA-2013:1265",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
            },
            {
              "name": "[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
            },
            {
              "name": "RHSA-2013:1194",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-2185",
    "datePublished": "2014-01-19T16:00:00.000Z",
    "dateReserved": "2013-02-19T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:27:41.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2013-2185

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.

Aliases

CVE-2013-2185

Aliases

CVE-2013-2185

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-2185",
    "description": "** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.",
    "id": "GSD-2013-2185",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-2185.html",
      "https://access.redhat.com/errata/RHSA-2013:1265",
      "https://access.redhat.com/errata/RHSA-2013:1194",
      "https://access.redhat.com/errata/RHSA-2013:1193"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-2185"
      ],
      "details": "** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.",
      "id": "GSD-2013-2185",
      "modified": "2023-12-13T01:22:17.043362Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-2185",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "[oss-security] 20130905 Re: CVE-2013-2185 / Tomcat",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
          },
          {
            "name": "RHSA-2013:1193",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
          },
          {
            "name": "RHSA-2013:1265",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
          },
          {
            "name": "[oss-security] 20141024 Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
          },
          {
            "name": "RHSA-2013:1194",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[7-alpha0,7.0.33]",
          "affected_versions": "All versions starting from 7-alpha0 up to 7.0.33",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2016-11-01",
          "description": "A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is permitted by the user running the application server process.",
          "fixed_versions": [
            "7.0.40"
          ],
          "identifier": "CVE-2013-2185",
          "identifiers": [
            "CVE-2013-2185"
          ],
          "not_impacted": "All versions before 7-alpha0, all versions after 7.0.33",
          "package_slug": "maven/org.apache.tomcat/tomcat-coyote",
          "pubdate": "2014-01-19",
          "solution": "Upgrade to version 7.0.40 or above.",
          "title": "Arbitrary file upload via deserialization",
          "urls": [
            "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2185"
          ],
          "uuid": "d1ee50aa-a538-498d-85d5-989ae394ebb3"
        },
        {
          "affected_range": "(,7.0.39)",
          "affected_versions": "All versions before 7.0.39",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2022-11-03",
          "description": "** DISPUTED ** The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186. NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue.",
          "fixed_versions": [
            "7.0.39"
          ],
          "identifier": "CVE-2013-2185",
          "identifiers": [
            "GHSA-v6c7-8qx5-8gmp",
            "CVE-2013-2185"
          ],
          "not_impacted": "All versions starting from 7.0.39",
          "package_slug": "maven/org.apache.tomcat/tomcat",
          "pubdate": "2022-05-17",
          "solution": "Upgrade to version 7.0.39 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2013-2185",
            "http://openwall.com/lists/oss-security/2014/10/24/12",
            "http://rhn.redhat.com/errata/RHSA-2013-1193.html",
            "http://rhn.redhat.com/errata/RHSA-2013-1194.html",
            "http://rhn.redhat.com/errata/RHSA-2013-1265.html",
            "http://www.openwall.com/lists/oss-security/2013/09/05/4",
            "https://github.com/advisories/GHSA-v6c7-8qx5-8gmp"
          ],
          "uuid": "2e78cf51-bd63-429f-a7df-9211b0c80ead"
        },
        {
          "affected_range": "[3,3.0.0-CR2],[7,7.2.1]",
          "affected_versions": "All versions starting from 3 up to 3.0.0-CR2, all versions starting from 7 up to 7,7.2.1",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2016-11-01",
          "description": "The `readObject` method in the `DiskFileItem` class in JBoss Web allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.",
          "fixed_versions": [
            "7.2.2"
          ],
          "identifier": "CVE-2013-2185",
          "identifiers": [
            "CVE-2013-2185"
          ],
          "not_impacted": "All versions before 3, all versions after 3.0.0-CR2, all versions before 7, all versions after 7.2.1",
          "package_slug": "maven/org.jboss.web/jbossweb",
          "pubdate": "2014-01-19",
          "solution": "Upgrade to versions 7.2.2 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2185"
          ],
          "uuid": "43eee9d5-998c-4d42-a625-ff6f8e453255"
        }
      ]
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CEBF404D-B53C-4B16-9010-0777DEE1B9E8",
                    "versionEndIncluding": "7.0.39",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.1.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "AF680478-162A-4F7B-B9BA-C407FA3C0EEE",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "AC0F117C-E25C-4B0C-9459-4BB4413440CB",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue"
          },
          {
            "lang": "es",
            "value": "** EN DISPUTA ** ** El m\u00e9todo readObject en la clase DiskFileItem en Apache Tomcat y JBoss Web, tal como se utiliza en la plataforma Red Hat JBoss Enterprise Application 6.1.0 y Red Hat JBoss Portal 6.0.0, permite a atacantes remotos para escribir en archivos arbitrarios a trav\u00e9s de un byte NULL en un nombre de archivo en una instancia serializada, un problema similar a CVE-2013-2.186. NOTA: se ha informado que este problema es disputado por el equipo de Apache Tomcat, aunque Red Hat lo considera una vulnerabilidad. La disputa parece considerar si se trata de la responsabilidad de las aplicaciones para evitar que los datos no confiables para ser deserializados, o si esta clase debe proteger inherentemente contra  este tema."
          }
        ],
        "id": "CVE-2013-2185",
        "lastModified": "2024-04-11T00:50:04.650",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "integrityImpact": "PARTIAL",
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 6.4,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2014-01-19T18:02:57.037",
        "references": [
          {
            "source": "secalert@redhat.com",
            "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
          },
          {
            "source": "secalert@redhat.com",
            "tags": [
              "Vendor Advisory"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
          },
          {
            "source": "secalert@redhat.com",
            "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
          }
        ],
        "sourceIdentifier": "secalert@redhat.com",
        "vulnStatus": "Modified",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-20"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

CERTFR-2025-AVI-0370

Vulnerability from certfr_avis - Published: 2025-05-02 - Updated: 2025-05-02

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
IBM	Sterling B2B Integrator	IBM Sterling B2B Integrator versions 6.1.x antérieures à 6.1.1.0
IBM	VIOS	VIOS se référer au site de l'éditeur pour les versions vulnérables, cf. section Documentation
IBM	Cognos Analytics	Cognos Analytics versions 12.1.x antérieures à 12.1.0 IF1
IBM	Cognos PowerPlay	Cognos PowerPlay versions 12.1.x antérieures à 12.1.0 IF1
IBM	Sterling B2B Integrator	IBM Sterling B2B Integrator versions antérieures à 6.0.0.7
IBM	Cognos Transformer	Cognos Transformer versions 11.2.x antérieures à 11.2.4 FP5
IBM	Cognos Transformer	Cognos Transformer versions 12.1.x antérieures à 12.1.0 IF1
IBM	Sterling B2B Integrator	IBM Sterling B2B Integrator versions 6.1.0.x antérieures à 6.1.0.3
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP11 IF04
IBM	Cognos Analytics	Cognos Analytics versions 11.2.x antérieures à 11.2.4.5 IF5
IBM	WebSphere Automation	WebSphere Automation versions antérieures à 1.8.2
IBM	Sterling B2B Integrator	IBM Sterling B2B Integrator versions 6.0.3.x antérieures à 6.0.3.5
IBM	AIX	AIX se référer au site de l'éditeur pour les versions vulnérables, cf. section Documentation
IBM	Cognos Transformer	Cognos Transformer versions 12.0.x antérieures à 12.0.4 IF3
IBM	Cognos Analytics	Cognos Analytics versions 12.0.x antérieures à 12.0.4 IF3

References

Title

Publication Time

Tags

Bulletin de sécurité IBM 6495961	2025-04-28	vendor-advisory
Bulletin de sécurité IBM 7231738	2025-04-29	vendor-advisory
Bulletin de sécurité IBM 7231815	2025-04-25	vendor-advisory
Bulletin de sécurité IBM 7231900	2025-04-29	vendor-advisory
Bulletin de sécurité IBM 7179496	2025-04-30	vendor-advisory
Bulletin de sécurité IBM 7231901	2025-04-29	vendor-advisory
Bulletin de sécurité IBM 7231915	2025-04-26	vendor-advisory
Bulletin de sécurité IBM 7232177	2025-04-30	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Sterling B2B Integrator versions 6.1.x ant\u00e9rieures \u00e0 6.1.1.0",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "VIOS se r\u00e9f\u00e9rer au site de l\u0027\u00e9diteur pour les versions vuln\u00e9rables, cf. section Documentation",
      "product": {
        "name": "VIOS",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 12.1.x ant\u00e9rieures \u00e0 12.1.0 IF1",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos PowerPlay versions 12.1.x ant\u00e9rieures \u00e0 12.1.0 IF1",
      "product": {
        "name": "Cognos PowerPlay",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling B2B Integrator versions ant\u00e9rieures \u00e0 6.0.0.7",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Transformer versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
      "product": {
        "name": "Cognos Transformer",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Transformer versions 12.1.x ant\u00e9rieures \u00e0 12.1.0 IF1",
      "product": {
        "name": "Cognos Transformer",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling B2B Integrator versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.3",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP11 IF04",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4.5 IF5",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "WebSphere Automation versions ant\u00e9rieures \u00e0 1.8.2",
      "product": {
        "name": "WebSphere Automation",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Sterling B2B Integrator versions 6.0.3.x ant\u00e9rieures \u00e0 6.0.3.5",
      "product": {
        "name": "Sterling B2B Integrator",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "AIX se r\u00e9f\u00e9rer au site de l\u0027\u00e9diteur pour les versions vuln\u00e9rables, cf. section Documentation",
      "product": {
        "name": "AIX",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Transformer versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 IF3",
      "product": {
        "name": "Cognos Transformer",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4 IF3",
      "product": {
        "name": "Cognos Analytics",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2016-6797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6797"
    },
    {
      "name": "CVE-2016-8735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8735"
    },
    {
      "name": "CVE-2025-27516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
    },
    {
      "name": "CVE-2020-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
    },
    {
      "name": "CVE-2011-3190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3190"
    },
    {
      "name": "CVE-2017-9047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-9047"
    },
    {
      "name": "CVE-2025-24813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
    },
    {
      "name": "CVE-2024-50302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2016-0714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0714"
    },
    {
      "name": "CVE-2024-11218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11218"
    },
    {
      "name": "CVE-2014-0230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
    },
    {
      "name": "CVE-2024-53197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53197"
    },
    {
      "name": "CVE-2013-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2185"
    },
    {
      "name": "CVE-2006-7197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-7197"
    },
    {
      "name": "CVE-2024-40695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-40695"
    },
    {
      "name": "CVE-2024-57807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57807"
    },
    {
      "name": "CVE-2025-21785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
    },
    {
      "name": "CVE-2016-6816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6816"
    },
    {
      "name": "CVE-2024-57979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
    },
    {
      "name": "CVE-2016-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5018"
    },
    {
      "name": "CVE-2023-52922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-52922"
    },
    {
      "name": "CVE-2024-51466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51466"
    },
    {
      "name": "CVE-2025-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2017-5647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
    },
    {
      "name": "CVE-2025-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0624"
    },
    {
      "name": "CVE-2016-5388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
    },
    {
      "name": "CVE-2016-6796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6796"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    }
  ],
  "initial_release_date": "2025-05-02T00:00:00",
  "last_revision_date": "2025-05-02T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0370",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-05-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": "2025-04-28",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 6495961",
      "url": "https://www.ibm.com/support/pages/node/6495961"
    },
    {
      "published_at": "2025-04-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7231738",
      "url": "https://www.ibm.com/support/pages/node/7231738"
    },
    {
      "published_at": "2025-04-25",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7231815",
      "url": "https://www.ibm.com/support/pages/node/7231815"
    },
    {
      "published_at": "2025-04-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7231900",
      "url": "https://www.ibm.com/support/pages/node/7231900"
    },
    {
      "published_at": "2025-04-30",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7179496",
      "url": "https://www.ibm.com/support/pages/node/7179496"
    },
    {
      "published_at": "2025-04-29",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7231901",
      "url": "https://www.ibm.com/support/pages/node/7231901"
    },
    {
      "published_at": "2025-04-26",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7231915",
      "url": "https://www.ibm.com/support/pages/node/7231915"
    },
    {
      "published_at": "2025-04-30",
      "title": "Bulletin de s\u00e9curit\u00e9 IBM 7232177",
      "url": "https://www.ibm.com/support/pages/node/7232177"
    }
  ]
}

CERTFR-2022-AVI-568

Vulnerability from certfr_avis - Published: 2022-06-17 - Updated: 2022-06-17

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.5 sans le correctif de sécurité 7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113
IBM	N/A	IBM Disconnected Log Collector versions 1.x antérieures à 1.7.3
IBM	N/A	IBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) versions 10.0.0.x antérieures à 10.0.0.2
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.4 sans le correctif de sécurité 7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217
IBM	QRadar SIEM	IBM QRadar SIEM versions 7.3 sans le correctif de sécurité 7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209
IBM	N/A	IBM Rational Test Control Panel component in Rational Test Workbench toutes versions sans le correctif de sécurité Rational-RTCP-<product-name>-<product-version>-CVE-2022-22965-ifix
IBM	N/A	IBM Analytic Accelerator Framework for Communication Service Providers (AAF) versions 4.0.0.x antérieures à 4.0.0.2
IBM	N/A	IBM Rational Test Control Panel component in Rational Test Virtualization Server toutes versions sans le correctif de sécurité Rational-RTCP-<product-name>-<product-version>-CVE-2022-22965-ifix

References

Title

Publication Time

Tags

Bulletin de sécurité les produits IBM 6595755 du 16 juin 2022	None	vendor-advisory
Bulletin de sécurité les produits IBM 6595739 du 16 juin 2022	None	vendor-advisory
Bulletin de sécurité les produits IBM 6595965 du 16 juin 2022	None	vendor-advisory
Bulletin de sécurité les produits IBM 6595721 du 16 juin 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM QRadar SIEM versions 7.5 sans le correctif de s\u00e9curit\u00e9 7.5.0-QRADAR-PROTOCOL-ApacheKafka-7.5-20220429171113",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Disconnected Log Collector versions 1.x ant\u00e9rieures \u00e0 1.7.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Customer and Network Analytics for Communications Service Providers and Datasets (CNA) versions 10.0.0.x ant\u00e9rieures \u00e0 10.0.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.4 sans le correctif de s\u00e9curit\u00e9 7.4.0-QRADAR-PROTOCOL-ApacheKafka-7.4-20220429171217",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM QRadar SIEM versions 7.3 sans le correctif de s\u00e9curit\u00e9 7.3.0-QRADAR-PROTOCOL-ApacheKafka-7.3-20220429171209",
      "product": {
        "name": "QRadar SIEM",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Test Control Panel component in Rational Test Workbench toutes versions sans le correctif de s\u00e9curit\u00e9 Rational-RTCP-\u003cproduct-name\u003e-\u003cproduct-version\u003e-CVE-2022-22965-ifix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Analytic Accelerator Framework for Communication Service Providers (AAF) versions 4.0.0.x ant\u00e9rieures \u00e0 4.0.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Test Control Panel component in Rational Test Virtualization Server toutes versions sans le correctif de s\u00e9curit\u00e9 Rational-RTCP-\u003cproduct-name\u003e-\u003cproduct-version\u003e-CVE-2022-22965-ifix",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-12384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
    },
    {
      "name": "CVE-2019-17267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
    },
    {
      "name": "CVE-2014-0075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0075"
    },
    {
      "name": "CVE-2022-22965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22965"
    },
    {
      "name": "CVE-2012-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5886"
    },
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2016-6797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6797"
    },
    {
      "name": "CVE-2016-8735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-8735"
    },
    {
      "name": "CVE-2020-8022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
    },
    {
      "name": "CVE-2013-4286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4286"
    },
    {
      "name": "CVE-2020-9546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
    },
    {
      "name": "CVE-2012-5885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5885"
    },
    {
      "name": "CVE-2020-10673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
    },
    {
      "name": "CVE-2020-35728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
    },
    {
      "name": "CVE-2014-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0119"
    },
    {
      "name": "CVE-2013-4590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4590"
    },
    {
      "name": "CVE-2020-36181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
    },
    {
      "name": "CVE-2020-9548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
    },
    {
      "name": "CVE-2020-36182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
    },
    {
      "name": "CVE-2020-24616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
    },
    {
      "name": "CVE-2020-36185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
    },
    {
      "name": "CVE-2019-17195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17195"
    },
    {
      "name": "CVE-2019-16942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
    },
    {
      "name": "CVE-2014-0227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0227"
    },
    {
      "name": "CVE-2020-9547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
    },
    {
      "name": "CVE-2016-0706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0706"
    },
    {
      "name": "CVE-2020-36179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
    },
    {
      "name": "CVE-2020-36186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
    },
    {
      "name": "CVE-2020-36189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
    },
    {
      "name": "CVE-2020-35490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
    },
    {
      "name": "CVE-2021-20190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
    },
    {
      "name": "CVE-2021-45105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45105"
    },
    {
      "name": "CVE-2019-16335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
    },
    {
      "name": "CVE-2016-0714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0714"
    },
    {
      "name": "CVE-2012-4431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4431"
    },
    {
      "name": "CVE-2019-14893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
    },
    {
      "name": "CVE-2014-0230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0230"
    },
    {
      "name": "CVE-2020-11113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
    },
    {
      "name": "CVE-2014-0099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0099"
    },
    {
      "name": "CVE-2013-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2185"
    },
    {
      "name": "CVE-2020-10672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
    },
    {
      "name": "CVE-2019-14439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
    },
    {
      "name": "CVE-2020-10969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
    },
    {
      "name": "CVE-2016-6794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6794"
    },
    {
      "name": "CVE-2020-36187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
    },
    {
      "name": "CVE-2015-5174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
    },
    {
      "name": "CVE-2021-27568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27568"
    },
    {
      "name": "CVE-2013-2067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2067"
    },
    {
      "name": "CVE-2021-33813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
    },
    {
      "name": "CVE-2020-11620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
    },
    {
      "name": "CVE-2020-24750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
    },
    {
      "name": "CVE-2021-38153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
    },
    {
      "name": "CVE-2016-6816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6816"
    },
    {
      "name": "CVE-2018-17196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17196"
    },
    {
      "name": "CVE-2019-16943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
    },
    {
      "name": "CVE-2012-3546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3546"
    },
    {
      "name": "CVE-2019-20330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
    },
    {
      "name": "CVE-2020-14195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
    },
    {
      "name": "CVE-2016-5018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5018"
    },
    {
      "name": "CVE-2018-10237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
    },
    {
      "name": "CVE-2019-12814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
    },
    {
      "name": "CVE-2020-35491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
    },
    {
      "name": "CVE-2019-17531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
    },
    {
      "name": "CVE-2013-4322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4322"
    },
    {
      "name": "CVE-2021-45046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45046"
    },
    {
      "name": "CVE-2020-14061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
    },
    {
      "name": "CVE-2012-4534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4534"
    },
    {
      "name": "CVE-2020-11619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
    },
    {
      "name": "CVE-2020-36183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
    },
    {
      "name": "CVE-2014-7810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-7810"
    },
    {
      "name": "CVE-2020-8840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2016-0762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-0762"
    },
    {
      "name": "CVE-2020-36184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
    },
    {
      "name": "CVE-2014-0033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
    },
    {
      "name": "CVE-2020-36180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
    },
    {
      "name": "CVE-2021-44228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-44228"
    },
    {
      "name": "CVE-2019-14540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
    },
    {
      "name": "CVE-2019-12086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
    },
    {
      "name": "CVE-2013-4444",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4444"
    },
    {
      "name": "CVE-2012-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3544"
    },
    {
      "name": "CVE-2012-5887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5887"
    },
    {
      "name": "CVE-2020-10968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
    },
    {
      "name": "CVE-2017-5647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
    },
    {
      "name": "CVE-2020-25649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
    },
    {
      "name": "CVE-2019-14379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
    },
    {
      "name": "CVE-2015-5345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5345"
    },
    {
      "name": "CVE-2020-11112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
    },
    {
      "name": "CVE-2020-11111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
    },
    {
      "name": "CVE-2016-5388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-5388"
    },
    {
      "name": "CVE-2014-0096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0096"
    },
    {
      "name": "CVE-2012-2733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2733"
    },
    {
      "name": "CVE-2020-14060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
    },
    {
      "name": "CVE-2020-36188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
    },
    {
      "name": "CVE-2016-6796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6796"
    },
    {
      "name": "CVE-2019-14892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
    },
    {
      "name": "CVE-2020-14062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
    }
  ],
  "initial_release_date": "2022-06-17T00:00:00",
  "last_revision_date": "2022-06-17T00:00:00",
  "links": [],
  "reference": "CERTFR-2022-AVI-568",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-06-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595755 du 16 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6595755"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595739 du 16 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6595739"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595965 du 16 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6595965"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 les produits IBM 6595721 du 16 juin 2022",
      "url": "https://www.ibm.com/support/pages/node/6595721"
    }
  ]
}

FKIE_CVE-2013-2185

Vulnerability from fkie_nvd - Published: 2014-01-19 18:02 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://openwall.com/lists/oss-security/2014/10/24/12
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-1193.html	Vendor Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-1194.html	Vendor Advisory
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-1265.html	Vendor Advisory
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2013/09/05/4
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2014/10/24/12
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1193.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1194.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1265.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2013/09/05/4

Impacted products

Vendor	Product	Version
apache	tomcat	*
redhat	jboss_enterprise_application_platform	6.1.0
redhat	jboss_enterprise_portal_platform	6.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEBF404D-B53C-4B16-9010-0777DEE1B9E8",
              "versionEndIncluding": "7.0.39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF680478-162A-4F7B-B9BA-C407FA3C0EEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:jboss_enterprise_portal_platform:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0F117C-E25C-4B0C-9459-4BB4413440CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "secalert@redhat.com",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue"
    },
    {
      "lang": "es",
      "value": "** EN DISPUTA ** ** El m\u00e9todo readObject en la clase DiskFileItem en Apache Tomcat y JBoss Web, tal como se utiliza en la plataforma Red Hat JBoss Enterprise Application 6.1.0 y Red Hat JBoss Portal 6.0.0, permite a atacantes remotos para escribir en archivos arbitrarios a trav\u00e9s de un byte NULL en un nombre de archivo en una instancia serializada, un problema similar a CVE-2013-2.186. NOTA: se ha informado que este problema es disputado por el equipo de Apache Tomcat, aunque Red Hat lo considera una vulnerabilidad. La disputa parece considerar si se trata de la responsabilidad de las aplicaciones para evitar que los datos no confiables para ser deserializados, o si esta clase debe proteger inherentemente contra  este tema."
    }
  ],
  "id": "CVE-2013-2185",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-01-19T18:02:57.037",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-V6C7-8QX5-8GMP

Vulnerability from github – Published: 2022-05-17 03:47 – Updated: 2022-11-03 21:09

Summary

Deserialization of Untrusted Data in Apache Tomcat

Details

NOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue. Regardless the tomcat maintainers have altered the behavior of this method in version 7.0.39.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "7.0.39"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2013-2185"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-11-03T21:09:17Z",
    "nvd_published_at": "2014-01-19T18:02:00Z",
    "severity": "HIGH"
  },
  "details": "The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance, a similar issue to CVE-2013-2186.  \n\nNOTE: this issue is reportedly disputed by the Apache Tomcat team, although Red Hat considers it a vulnerability. The dispute appears to regard whether it is the responsibility of applications to avoid providing untrusted data to be deserialized, or whether this class should inherently protect against this issue. Regardless the tomcat maintainers have altered the behavior of this method in version 7.0.39.",
  "id": "GHSA-v6c7-8qx5-8gmp",
  "modified": "2022-11-03T21:09:17Z",
  "published": "2022-05-17T03:47:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2185"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/10/24/12"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1193.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1194.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1265.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2013/09/05/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Deserialization of Untrusted Data in Apache Tomcat"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-2185 (GCVE-0-2013-2185)

GSD-2013-2185

CERTFR-2025-AVI-0370

Solutions

CERTFR-2022-AVI-568

Solution

FKIE_CVE-2013-2185

GHSA-V6C7-8QX5-8GMP

Tags

Sightings

Nomenclature