Bug 1135872 (CVE-2014-3579)
| Summary: | CVE-2014-3579 Apache ActiveMQ Apollo: XXE via XPath expression evaluation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Arun Babu Neelicattu <aneelica> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | chazlett, dbosanac, grocha, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | activemq-apollo 1.8 | Doc Type: | Bug Fix |
| Doc Text: |
It was discovered that Apache ActiveMQ Apollo performed XML External Entity (XXE) expansion when evaluating XPath expressions. A remote, attacker-controlled consumer able to specify an XPath-based selector to dequeue XML messages from an Apache ActiveMQ Apollo broker could use this flaw to read files accessible to the user running the broker, and potentially perform other more advanced XXE attacks.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-02-05 22:55:58 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1130476 | ||
|
Description
Arun Babu Neelicattu
2014-09-01 05:09:09 UTC
Upstream Issue: https://issues.apache.org/jira/browse/APLO-366 Upstream Commit: http://git-wip-us.apache.org/repos/asf/activemq-apollo/commit/e5647554 Acknowledgements: Red Hat would like to thank Georgi Geshev of MWR Labs for reporting this issue. Statement: Not vulnerable. Apache ActiveMQ Apollo is not shipped with any supported Red Hat product. |