Bug 2155682 (CVE-2022-46364) - CVE-2022-46364 Apache CXF: SSRF Vulnerability
Summary: CVE-2022-46364 Apache CXF: SSRF Vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-46364
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2153018
Reported: 2022-12-21 21:18 UTC by Zack Miele
Modified: 2024-02-06 04:26 UTC
CC List: 70 users

Fixed In Version: Apache CXF 3.5.5, Apache CXF 3.4.10
Doc Type: If docs needed, set a value
Doc Text:
An SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type.
Clone Of:
Environment:
Last Closed: 2023-02-02 07:55:59 UTC
Embargoed:


Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHSA-2023:0163  0        None      None    None     2023-01-12 20:52:28 UTC
Red Hat Product Errata  RHSA-2023:0164  0        None      None    None     2023-01-12 20:50:54 UTC
Red Hat Product Errata  RHSA-2023:0483  0        None      None    None     2023-01-26 21:55:53 UTC
Red Hat Product Errata  RHSA-2023:0544  0        None      None    None     2023-01-30 17:12:11 UTC
Red Hat Product Errata  RHSA-2023:0552  0        None      None    None     2023-01-31 13:15:18 UTC
Red Hat Product Errata  RHSA-2023:0553  0        None      None    None     2023-01-31 13:11:20 UTC
Red Hat Product Errata  RHSA-2023:0554  0        None      None    None     2023-01-31 13:18:51 UTC
Red Hat Product Errata  RHSA-2023:0556  0        None      None    None     2023-01-31 13:20:08 UTC
Red Hat Product Errata  RHSA-2023:1043  0        None      None    None     2023-03-01 21:43:58 UTC
Red Hat Product Errata  RHSA-2023:1044  0        None      None    None     2023-03-01 21:46:25 UTC
Red Hat Product Errata  RHSA-2023:1045  0        None      None    None     2023-03-01 21:48:55 UTC
Red Hat Product Errata  RHSA-2023:1047  0        None      None    None     2023-03-01 21:49:56 UTC
Red Hat Product Errata  RHSA-2023:1049  0        None      None    None     2023-03-01 21:59:53 UTC
Red Hat Product Errata  RHSA-2023:1285  0        None      None    None     2023-03-16 07:57:13 UTC
Red Hat Product Errata  RHSA-2023:1286  0        None      None    None     2023-03-16 09:31:32 UTC
Red Hat Product Errata  RHSA-2023:2041  0        None      None    None     2023-04-27 00:48:55 UTC
Red Hat Product Errata  RHSA-2023:2135  0        None      None    None     2023-05-04 15:57:23 UTC
Red Hat Product Errata  RHSA-2023:3641  0        None      None    None     2023-06-15 15:24:22 UTC
Red Hat Product Errata  RHSA-2023:3954  0        None      None    None     2023-06-29 20:08:08 UTC

Description Zack Miele 2022-12-21 21:18:19 UTC
An SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type.

https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2
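
Worked illustration of the bug class described in the report above, added here as an editor's example. It is not Apache CXF code and not the fix that shipped in 3.5.5 / 3.4.10. It constructs an MTOM (multipart/related) request whose SOAP root part carries one xop:Include, parses the MIME parts, and resolves the href two ways: a lenient resolver that falls back to treating any unresolved href as a URL to fetch (the SSRF pattern the advisory describes, modelled offline by raising WouldFetch instead of opening a connection), and a strict resolver that accepts only cid: references to parts present in the same message. The XOP and SOAP 1.1 namespaces are the standard ones; the Content-IDs, MIME boundary, operation name and hostnames are made up for the example.

```python
"""Added illustration of the bug class behind CVE-2022-46364; not Apache CXF code."""
from email import policy
from email.parser import BytesParser
from urllib.parse import unquote
from xml.sax.saxutils import escape
import xml.etree.ElementTree as ET

XOP_NS = "http://www.w3.org/2004/08/xop/include"
SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
BOUNDARY = "MIMEBoundary_example"  # constructed; any unique token works


def build_mtom_request(href: str, attachment: bytes = b"hello") -> bytes:
    """Constructed MTOM request: SOAP root part plus one binary part whose
    Content-ID is doc1@example.test. The single xop:Include carries `href`."""
    soap = (
        f'<soap:Envelope xmlns:soap="{SOAP_NS}"><soap:Body>'
        f'<ns:upload xmlns:ns="urn:example:files"><ns:data>'
        f'<xop:Include xmlns:xop="{XOP_NS}" href="{escape(href, {chr(34): "&quot;"})}"/>'
        '</ns:data></ns:upload></soap:Body></soap:Envelope>'
    )
    head = (
        f'Content-Type: multipart/related; type="application/xop+xml"; '
        f'boundary="{BOUNDARY}"; start="<root.xml@example.test>"\r\n\r\n'
        f'--{BOUNDARY}\r\n'
        'Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"\r\n'
        'Content-Transfer-Encoding: binary\r\n'
        'Content-ID: <root.xml@example.test>\r\n\r\n'
        f'{soap}\r\n'
        f'--{BOUNDARY}\r\n'
        'Content-Type: application/octet-stream\r\n'
        'Content-Transfer-Encoding: binary\r\n'
        'Content-ID: <doc1@example.test>\r\n\r\n'
    )
    return head.encode() + attachment + f"\r\n--{BOUNDARY}--\r\n".encode()


def parse_mtom(raw: bytes):
    """Split an MTOM message into (soap root bytes, {Content-ID: part bytes})."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    if msg.get_content_type() != "multipart/related":
        raise ValueError("not an MTOM (multipart/related) message")
    root_xml, attachments = None, {}
    for part in msg.iter_parts():
        data = part.get_payload(decode=True)
        if part.get_content_type() == "application/xop+xml":
            root_xml = data
        else:
            cid = str(part.get("Content-ID", "")).strip("<>")
            attachments[cid] = data
    if root_xml is None:
        raise ValueError("MTOM message has no application/xop+xml root part")
    return root_xml, attachments


class WouldFetch(Exception):
    """Stands in for the outbound request a lenient resolver would make, so the
    example stays offline; .url is the location the server would have contacted."""
    def __init__(self, url: str):
        super().__init__(url)
        self.url = url


def resolve_lenient(href: str, attachments: dict) -> bytes:
    """Bug-class illustration (not CXF's code): a known cid: is looked up; anything
    else, including a cid: that is not in the message, falls back to fetching the
    href as a URL. With an attacker-controlled href that is server-side request
    forgery."""
    if href.startswith("cid:") and unquote(href[4:]) in attachments:
        return attachments[unquote(href[4:])]
    raise WouldFetch(href)  # real code would do urllib.request.urlopen(href).read()


def resolve_strict(href: str, attachments: dict) -> bytes:
    """Hardened form: accept only cid: references, and only to parts that are
    actually present in this message. Never touch the network or the filesystem."""
    if not href.startswith("cid:"):
        raise ValueError(f"xop:Include href must be a cid: reference, got {href!r}")
    cid = unquote(href[4:])
    if cid not in attachments:
        raise ValueError(f"xop:Include references unknown Content-ID {cid!r}")
    return attachments[cid]


def resolve_includes(raw: bytes, resolver) -> list:
    """Resolve every xop:Include in the SOAP root part with the given resolver."""
    root_xml, attachments = parse_mtom(raw)
    envelope = ET.fromstring(root_xml)
    return [resolver(el.get("href", ""), attachments)
            for el in envelope.iter(f"{{{XOP_NS}}}Include")]


def outcome(href: str, resolver) -> str:
    """Build a request carrying `href`, run it through `resolver`, summarise."""
    try:
        data = resolve_includes(build_mtom_request(href), resolver)
        return "resolved:" + data[0].decode()
    except WouldFetch as exc:
        return "would-fetch:" + exc.url
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    for h in ("cid:doc1@example.test", "cid:missing@example.test",
              "http://intranet.example.test/", "file:///etc/hostname"):
        print(f"{h:32} lenient={outcome(h, resolve_lenient):44} "
              f"strict={outcome(h, resolve_strict)}")
```

Running the block prints each href resolved both ways. The point for a practitioner: an xop:Include href is a reference into the request's own MIME parts, never a locator, so any path that would make the server open a URL on the client's behalf belongs on the reject side. Because the include sits in the SOAP body, not in a dedicated attachment-typed field, the advisory's scope follows: any operation that accepts at least one parameter is reachable.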

Comment 4 errata-xmlrpc 2023-01-12 20:50:51 UTC
This issue has been addressed in the following products:

  EAP 7.4 async

Via RHSA-2023:0164 https://access.redhat.com/errata/RHSA-2023:0164

Comment 5 errata-xmlrpc 2023-01-12 20:52:24 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7
  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8
  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2023:0163 https://access.redhat.com/errata/RHSA-2023:0163

Comment 6 errata-xmlrpc 2023-01-26 21:55:50 UTC
This issue has been addressed in the following products:

  Red Hat Fuse 7.11.1.P1

Via RHSA-2023:0483 https://access.redhat.com/errata/RHSA-2023:0483

Comment 7 errata-xmlrpc 2023-01-30 17:12:06 UTC
This issue has been addressed in the following products:

  RHINT Camel-Springboot 3.14.5.P1

Via RHSA-2023:0544 https://access.redhat.com/errata/RHSA-2023:0544

Comment 8 errata-xmlrpc 2023-01-31 13:11:15 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2023:0553 https://access.redhat.com/errata/RHSA-2023:0553

Comment 9 errata-xmlrpc 2023-01-31 13:15:13 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2023:0552 https://access.redhat.com/errata/RHSA-2023:0552

Comment 10 errata-xmlrpc 2023-01-31 13:18:47 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2023:0554 https://access.redhat.com/errata/RHSA-2023:0554

Comment 11 errata-xmlrpc 2023-01-31 13:20:02 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2023:0556 https://access.redhat.com/errata/RHSA-2023:0556

Comment 12 Product Security DevOps Team 2023-02-02 07:55:53 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-46364

Comment 13 errata-xmlrpc 2023-03-01 21:43:53 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 7

Via RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1043

Comment 14 errata-xmlrpc 2023-03-01 21:46:20 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 8

Via RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1044

Comment 15 errata-xmlrpc 2023-03-01 21:48:50 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 9

Via RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1045

Comment 16 errata-xmlrpc 2023-03-01 21:49:52 UTC
This issue has been addressed in the following products:

  RHEL-8 based Middleware Containers

Via RHSA-2023:1047 https://access.redhat.com/errata/RHSA-2023:1047

Comment 17 errata-xmlrpc 2023-03-01 21:59:49 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On

Via RHSA-2023:1049 https://access.redhat.com/errata/RHSA-2023:1049

Comment 18 errata-xmlrpc 2023-03-16 07:57:09 UTC
This issue has been addressed in the following products:

  Migration Toolkit for Runtimes 1 on RHEL 8

Via RHSA-2023:1285 https://access.redhat.com/errata/RHSA-2023:1285

Comment 19 errata-xmlrpc 2023-03-16 09:31:27 UTC
This issue has been addressed in the following products:

  Migration Toolkit for Runtimes 1 on RHEL 8

Via RHSA-2023:1286 https://access.redhat.com/errata/RHSA-2023:1286

Comment 20 errata-xmlrpc 2023-04-27 00:48:52 UTC
This issue has been addressed in the following products:

  MTA-6.1-RHEL-8

Via RHSA-2023:2041 https://access.redhat.com/errata/RHSA-2023:2041

Comment 21 errata-xmlrpc 2023-05-04 15:57:19 UTC
This issue has been addressed in the following products:

  Red Hat Process Automation

Via RHSA-2023:2135 https://access.redhat.com/errata/RHSA-2023:2135

Comment 22 errata-xmlrpc 2023-06-15 15:24:17 UTC
This issue has been addressed in the following products:

  RHINT Camel-Springboot 3.18.3.P2

Via RHSA-2023:3641 https://access.redhat.com/errata/RHSA-2023:3641

Comment 23 Patrick Del Bello 2023-06-20 18:43:03 UTC
The RH-SSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.

Comment 24 errata-xmlrpc 2023-06-29 20:08:04 UTC
This issue has been addressed in the following products:

  Red Hat Fuse 7.12

Via RHSA-2023:3954 https://access.redhat.com/errata/RHSA-2023:3954
