Bug 1814974 (CVE-2020-10688) - CVE-2020-10688 RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack
Summary: CVE-2020-10688 RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a r...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-10688
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1811171
TreeView+ depends on / blocked
 
Reported: 2020-03-19 08:13 UTC by Ted Jongseok Won
Modified: 2021-10-14 13:19 UTC (History)
52 users (show)

Fixed In Version: resteasy 3.11.1.Final, resteasy 4.5.3.Final
Doc Type: If docs needed, set a value
Doc Text:
A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
Clone Of:
Environment:
Last Closed: 2020-05-28 17:20:29 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:2333 0 None None None 2020-05-28 16:00:11 UTC
Red Hat Product Errata RHSA-2020:2511 0 None None None 2020-06-10 19:06:08 UTC
Red Hat Product Errata RHSA-2020:2512 0 None None None 2020-06-11 07:17:33 UTC
Red Hat Product Errata RHSA-2020:2513 0 None None None 2020-06-11 07:09:19 UTC
Red Hat Product Errata RHSA-2020:2515 0 None None None 2020-06-10 19:24:25 UTC
Red Hat Product Errata RHSA-2020:2905 0 None None None 2020-07-23 07:04:54 UTC
Red Hat Product Errata RHSA-2020:3806 0 None None None 2020-09-23 16:27:23 UTC
Red Hat Product Errata RHSA-2021:3140 0 None None None 2021-08-11 18:23:00 UTC

Description Ted Jongseok Won 2020-03-19 08:13:25 UTC 
It was found that RESTEasy did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

* Upstream fix: https://github.com/resteasy/Resteasy/pull/2320/files
Comment 4 Jonathan Christison 2020-03-23 16:38:59 UTC 
This vulnerability is out of security support scope for the following products:
 * Red Hat JBoss Fuse 6

Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
Comment 5 Salvatore Bonaccorso 2020-03-24 06:43:12 UTC 
Is this issue reported upstream for resteasy, and is there any additional reference to it which you could reference here?

Thank you already!
Comment 6 Ted Jongseok Won 2020-03-25 11:11:57 UTC 
External References:

https://github.com/quarkusio/quarkus/issues/7248
https://issues.redhat.com/browse/RESTEASY-2519
Comment 8 Ted Jongseok Won 2020-03-26 02:15:00 UTC 
In reply to comment #5:
> Is this issue reported upstream for resteasy, and is there any additional
> reference to it which you could reference here?
> 
> Thank you already!

Updated the related references to this BZ. Thanks!
Comment 16 errata-xmlrpc 2020-05-28 16:00:08 UTC 
This issue has been addressed in the following products:

  EAP-CD 19 Tech Preview

Via RHSA-2020:2333 https://access.redhat.com/errata/RHSA-2020:2333
Comment 17 Product Security DevOps Team 2020-05-28 17:20:29 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-10688
Comment 18 errata-xmlrpc 2020-06-10 19:06:05 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6

Via RHSA-2020:2511 https://access.redhat.com/errata/RHSA-2020:2511
Comment 19 errata-xmlrpc 2020-06-10 19:24:22 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2020:2515 https://access.redhat.com/errata/RHSA-2020:2515
Comment 20 errata-xmlrpc 2020-06-11 07:09:14 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8

Via RHSA-2020:2513 https://access.redhat.com/errata/RHSA-2020:2513
Comment 21 errata-xmlrpc 2020-06-11 07:17:29 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7

Via RHSA-2020:2512 https://access.redhat.com/errata/RHSA-2020:2512
Comment 22 errata-xmlrpc 2020-07-23 07:04:50 UTC 
This issue has been addressed in the following products:

  Red Hat Openshift Application Runtimes

Via RHSA-2020:2905 https://access.redhat.com/errata/RHSA-2020:2905
Comment 24 errata-xmlrpc 2020-09-23 16:27:20 UTC 
This issue has been addressed in the following products:

  Red Hat Runtimes Spring Boot 2.2.6

Via RHSA-2020:3806 https://access.redhat.com/errata/RHSA-2020:3806
Comment 27 errata-xmlrpc 2021-08-11 18:22:57 UTC 
This issue has been addressed in the following products:

  Red Hat Fuse 7.9

Via RHSA-2021:3140 https://access.redhat.com/errata/RHSA-2021:3140
Note You need to log in before you can comment on or make changes to this bug.