https://bugzilla.redhat.com/show_bug.cgi?id=1408164
Bug ID: 1408164
Summary: CVE-2016-9878 Spring Framework: Directory Traversal in the Spring Framework ResourceServlet
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: amaris@redhat.com
It was found that paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
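The flaw is a path-containment failure (CWE-22). As an added illustration for this record (hypothetical example code, not the ResourceServlet source or the upstream patch), the Java class below puts the unchecked join beside a checked resolution, with `/srv/app/static` as an assumed resource root and constructed request paths:

```java
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.file.Path;
import java.nio.file.Paths;

/**
 * Hypothetical containment check for a servlet that maps request paths onto files
 * under a fixed resource root. Example code for this bug record only; it is not
 * Spring's ResourceServlet nor its upstream fix.
 */
public final class ResourcePathGuard {
    private final Path root;

    public ResourcePathGuard(String resourceRoot) {
        // Absolute and normalized, so startsWith() below compares like with like.
        this.root = Paths.get(resourceRoot).toAbsolutePath().normalize();
    }

    /** Vulnerable pattern: join root and request path and serve whatever results. */
    public Path resolveUnchecked(String requestPath) {
        return Paths.get(root.toString(), requestPath);
    }

    /**
     * Hardened pattern: decode once, reject characters that never belong in a resource
     * name, normalize "." and "..", then require the result to stay under the root.
     * Returns null when the request must be refused (a servlet would answer 404 or 403).
     */
    public Path resolveChecked(String requestPath) {
        if (requestPath == null || requestPath.isEmpty()) {
            return null;
        }
        String decoded;
        try {
            // Decode %XX so that "%2e%2e" is judged as "..". URLDecoder also turns '+'
            // into ' ', acceptable here but a detail to handle for real resource names.
            decoded = URLDecoder.decode(requestPath, "UTF-8");
        } catch (UnsupportedEncodingException | IllegalArgumentException e) {
            return null; // malformed percent-escape
        }
        if (decoded.indexOf('\0') >= 0 || decoded.indexOf('\\') >= 0) {
            return null; // NUL and backslash have no place in a web resource path
        }
        while (decoded.startsWith("/")) {
            decoded = decoded.substring(1); // leading '/' means "relative to root"
        }
        Path candidate = root.resolve(decoded).normalize();
        // This containment test is the actual control; the checks above only narrow input.
        if (candidate.equals(root) || !candidate.startsWith(root)) {
            return null;
        }
        // On a real filesystem, follow with candidate.toRealPath() and repeat the
        // startsWith() test so a symlink under the root cannot point outside it.
        return candidate;
    }

    public static void main(String[] args) {
        ResourcePathGuard guard = new ResourcePathGuard("/srv/app/static"); // assumed root
        // Constructed request paths: two legitimate, the rest escape attempts.
        String[] samples = {"css/site.css", "ok/../also-ok.txt", "../WEB-INF/web.xml",
                "%2e%2e/%2e%2e/etc/passwd", "/img/../../secret.txt", "a\\..\\b"};
        for (String s : samples) {
            System.out.printf("%-28s unchecked=%-44s checked=%s%n",
                    s, guard.resolveUnchecked(s), guard.resolveChecked(s));
        }
    }
}
```

Normalizing and then testing containment is what lets `ok/../also-ok.txt` through while refusing every path that leaves the root; a blanket rejection of `..` would be a coarser substitute for the same control.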
Upstream bug:
https://jira.spring.io/browse/SPR-14946
Upstream patches:
https://github.com/spring-projects/spring-framework/commit/e2d6e709c3c65a495...
https://github.com/spring-projects/spring-framework/commit/43bf008fbcd0d7945...
https://github.com/spring-projects/spring-framework/commit/a7dc48534ea501525...
External References:
https://pivotal.io/security/cve-2016-9878
Adam Mariš amaris@redhat.com changed:
Depends On: (none) -> 1408165
--- Comment #1 from Adam Mariš amaris@redhat.com ---
Created springframework tracking bugs for this issue:
Affects: fedora-all [bug 1408165]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1408165 [Bug 1408165] CVE-2016-9878 springframework: Spring Framework: Directory Traversal in the Spring Framework ResourceServlet [fedora-all]
Adam Mariš amaris@redhat.com changed:
Blocks: (none) -> 1408166
Siddharth Sharma sisharma@redhat.com changed:
Whiteboard changed: rhscon-2/spring-core=new -> rhes-3.0/spring-core=new. Whiteboard is now:
impact=moderate,public=20161221,reported=20161221,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-22,fuse-6/spring-core=new,fsw-6/spring-core=new,soap-5/spring-core=new,brms-5/spring-core=new,brms-6/spring-core=new,bpms-6/spring-core=new,eap-5/spring-core=new,amq-6/spring-core=new,jdv-6/spring-core=new,jpp-6.2.0/spring-core=new,openshift-enterprise-2/spring-core=new,rhev-m-3/jasperreports-server-pro=new,rhev-m-3/redhat-support-plugin-rhev=new,rhev-m-3/rhevm-dependencies=new,rhes-3.0/spring-core=new,rhmap-4/spring-core=new,fedora-all/springframework=affected
Siddharth Sharma sisharma@redhat.com changed:
Whiteboard changed: rhes-3.0/spring-core=new -> rhes-3.1/rhsc-backend=new
Bug 1408164 depends on bug 1408165, which changed state.
Bug 1408165 Summary: CVE-2016-9878 springframework: Spring Framework: Directory Traversal in the Spring Framework ResourceServlet [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1408165
Status: ON_QA -> CLOSED
Resolution: --- -> ERRATA
Hooman Broujerdi hghasemb@redhat.com changed:
Whiteboard changed: removed fuse-6/spring-core=new
Hooman Broujerdi hghasemb@redhat.com changed:
Whiteboard changed: added fuse-6/karaf=affected
Hooman Broujerdi hghasemb@redhat.com changed:
Whiteboard changed: removed amq-6/spring-core=new
Hooman Broujerdi hghasemb@redhat.com changed:
Whiteboard changed: added amq-6/karaf=affected
--- Comment #2 from Jason Shepherd jshepherd@redhat.com --- Could not find any uses for ResourceServlet in Red Hat Mobile Application Platform. Marking as not affected.
Jason Shepherd jshepherd@redhat.com changed:
Whiteboard changed: per-product entries replaced. Whiteboard is now:
impact=moderate,public=20161221,reported=20161221,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.6/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-22,eap-5/spring-webmvc=new,openshift-enterprise-2/jenkins=new,openshift-enterprise-2/activemq=notaffected,openshift-enterprise-2/cartridge-fuse=affected,openshift-enterprise-2/cartridge-amq=affected,rhev-m-3/jasperreports-server-pro=new,rhmap-4/millicore=notaffected,fedora-all/springframework=affected,fuse-6/karaf=affected,amq-6/karaf=affected
Jason Shepherd jshepherd@redhat.com changed:
Whiteboard changed: eap-5/spring-webmvc=new -> eap-5/spring-webmvc=wontfix
--- Comment #4 from Jason Shepherd jshepherd@redhat.com --- EAP 5 is in Extended Life Support phase, so we won't fix this moderate issue on that product.
Pavel Polischouk pavelp@redhat.com changed:
Whiteboard changed: added bpms-6/springframework=notaffected, brms-6/springframework=notaffected
Pavel Polischouk pavelp@redhat.com changed:
Whiteboard changed: added jdv-6/springframework=notaffected
Hooman Broujerdi hghasemb@redhat.com changed:
CC: added hghasemb@redhat.com
--- Doc Text *updated* --- It was found that ResourceServlet in Spring Framework does not properly sanitize the paths that have been provided. An attacker can utilize this flaw to conduct directory traversal attacks.
--- Doc Text *updated* by Eric Christensen sparks@redhat.com --- It was found that ResourceServlet in Spring Framework does not properly sanitize the paths that have been provided. An attacker can utilize this flaw to conduct directory traversal attacks.
Siddharth Sharma sisharma@redhat.com changed:
Whiteboard changed: added rhes-3/spring-framework=wontfix
Siddharth Sharma sisharma@redhat.com changed:
Whiteboard changed: rhes-3/spring-framework=wontfix -> rhes-3/springframework=wontfix
--- Comment #6 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
Red Hat JBoss Fuse
Via RHSA-2017:3115 https://access.redhat.com/errata/RHSA-2017:3115