Bug 2270732 (CVE-2024-28752) - CVE-2024-28752 cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding
Summary: CVE-2024-28752 cxf-core: Apache CXF SSRF Vulnerability using the Aegis databi...
Keywords:
Status: NEW
Alias: CVE-2024-28752
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2270719
Reported: 2024-03-21 15:15 UTC by Patrick Del Bello
Modified: 2024-08-15 20:09 UTC (History)
CC List: 57 users

Fixed In Version: cxf-core 3.5.8, cxf-core 3.6.3, cxf-core 4.0.4
Doc Type: If docs needed, set a value
Doc Text:
A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue affects web services that take at least one parameter of any type and that use the Aegis databinding. Users of other data bindings, including the default databinding, are not impacted.
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2024:3559 0 None None None 2024-06-03 16:58:52 UTC
Red Hat Product Errata RHSA-2024:3560 0 None None None 2024-06-03 17:00:14 UTC
Red Hat Product Errata RHSA-2024:3561 0 None None None 2024-06-03 16:59:47 UTC
Red Hat Product Errata RHSA-2024:3563 0 None None None 2024-06-03 17:10:38 UTC
Red Hat Product Errata RHSA-2024:3708 0 None None None 2024-06-06 16:42:22 UTC
Red Hat Product Errata RHSA-2024:5479 0 None None None 2024-08-15 20:08:35 UTC
Red Hat Product Errata RHSA-2024:5481 0 None None None 2024-08-15 20:09:16 UTC
Red Hat Product Errata RHSA-2024:5482 0 None None None 2024-08-15 20:07:09 UTC

Description Patrick Del Bello 2024-03-21 15:15:01 UTC
An SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.

https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt

Comment 7 errata-xmlrpc 2024-06-03 16:58:48 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:3559 https://access.redhat.com/errata/RHSA-2024:3559

Comment 8 errata-xmlrpc 2024-06-03 16:59:44 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:3561 https://access.redhat.com/errata/RHSA-2024:3561

Comment 9 errata-xmlrpc 2024-06-03 17:00:10 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:3560 https://access.redhat.com/errata/RHSA-2024:3560

Comment 10 errata-xmlrpc 2024-06-03 17:10:34 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:3563 https://access.redhat.com/errata/RHSA-2024:3563

Comment 11 errata-xmlrpc 2024-06-06 16:42:18 UTC
This issue has been addressed in the following products:

  Red Hat build of Apache Camel 3.20.6 for Spring Boot

Via RHSA-2024:3708 https://access.redhat.com/errata/RHSA-2024:3708

Comment 12 errata-xmlrpc 2024-08-15 20:07:06 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:5482 https://access.redhat.com/errata/RHSA-2024:5482

Comment 13 errata-xmlrpc 2024-08-15 20:08:31 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8

Via RHSA-2024:5479 https://access.redhat.com/errata/RHSA-2024:5479

Comment 14 errata-xmlrpc 2024-08-15 20:09:12 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9

Via RHSA-2024:5481 https://access.redhat.com/errata/RHSA-2024:5481
