Bug 1203341 (CVE-2015-0264) - CVE-2015-0264 Camel: XXE via XPath expression evaluation
Summary: CVE-2015-0264 Camel: XXE via XPath expression evaluation
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-0264
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1217647 1217645 1217646 1217648 1217649 1217650 1217651 1217652 1217653 1217654
Blocks: 1203345 1222987 1244364 1288332 1385169
TreeView+ depends on / blocked
 
Reported: 2015-03-18 15:44 UTC by Martin Prpič
Modified: 2021-02-17 05:31 UTC (History)
28 users (show)

Fixed In Version: Camel 2.13.4, Camel 2.14.2
Doc Type: Bug Fix
Doc Text:
It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
Clone Of:
Environment:
Last Closed: 2019-06-08 02:40:01 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1041 0 normal SHIPPED_LIVE Moderate: Red Hat JBoss Fuse/A-MQ 6.1.0 update 2015-06-01 21:08:08 UTC
Red Hat Product Errata RHSA-2015:1538 0 normal SHIPPED_LIVE Moderate: Red Hat JBoss BRMS 6.1.2 update 2015-08-03 23:41:41 UTC
Red Hat Product Errata RHSA-2015:1539 0 normal SHIPPED_LIVE Moderate: Red Hat JBoss BPM Suite 6.1.2 update 2015-08-03 23:41:04 UTC
Red Hat Product Errata RHSA-2015:2558 0 normal SHIPPED_LIVE Important: Red Hat JBoss Fuse Service Works 6.2.1 update 2015-12-08 01:46:48 UTC

Description Martin Prpič 2015-03-18 15:44:52 UTC 
It was found that Apache Camel performed XML External Entity (XXE) expansion when evaluating invalid XML Strings or invalid XML GenericFile objects. A remote attacker able to submit a crafted XML message could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

Upstream patch:

https://git-wip-us.apache.org/repos/asf?p=camel.git;a=commitdiff;h=1df559649a96a1ca0368373387e542f46e4820da

External References:

https://camel.apache.org/security-advisories.data/CVE-2015-0264.txt.asc
Comment 6 errata-xmlrpc 2015-06-01 17:08:14 UTC 
This issue has been addressed in the following products:

  JBoss Fuse/A-MQ 6.1.0

Via RHSA-2015:1041 https://rhn.redhat.com/errata/RHSA-2015-1041.html
Comment 7 errata-xmlrpc 2015-08-03 19:41:20 UTC 
This issue has been addressed in the following products:

  JBoss BPM Suite 6.1.2

Via RHSA-2015:1539 https://rhn.redhat.com/errata/RHSA-2015-1539.html
Comment 8 errata-xmlrpc 2015-08-03 19:41:47 UTC 
This issue has been addressed in the following products:

  JBoss BRMS 6.1.2

Via RHSA-2015:1538 https://rhn.redhat.com/errata/RHSA-2015-1538.html
Comment 9 errata-xmlrpc 2015-12-07 20:51:43 UTC 
This issue has been addressed in the following products:

  JBoss Fuse Service Works 6.2.1

Via RHSA-2015:2558 https://rhn.redhat.com/errata/RHSA-2015-2558.html
Note You need to log in before you can comment on or make changes to this bug.