Search criteria
4 vulnerabilities found for cayenne by apache
CVE-2022-24289 (GCVE-0-2022-24289)
Vulnerability from nvd – Published: 2022-02-11 12:20 – Updated: 2024-08-03 04:07
VLAI?
Title
Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions
Summary
Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cayenne |
Affected:
4.1 , ≤ 4.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cayenne",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1",
"status": "affected",
"version": "4.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Panda"
}
],
"descriptions": [
{
"lang": "en",
"value": "Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne\u0027s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to \u0027remote\u0027 applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-11T15:06:14.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"workarounds": [
{
"lang": "en",
"value": "Either upgrade to Apache Cayenne 4.2 or a patched version of Java (after 6u211, 7u201, 8u191, and 11.0.1)\n\nAll versions of Apache Cayenne 4.2 have whitelisting enabled by default for the Hessian deserialization. Later versions of Java also have LDAP mitigation in place. Users can either upgrade Java or Apache Cayenne to avoid the issue.\n\nLDAP mitigation is present starting in JDK 6u211, 7u201, 8u191, and 11.0.1 where com.sun.jndi.ldap.object.trustURLCodebase system property is set to false by default to prevent JNDI from loading remote code through LDAP."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-24289",
"STATE": "PUBLIC",
"TITLE": "Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cayenne",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.1",
"version_value": "4.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Panda"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne\u0027s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to \u0027remote\u0027 applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Either upgrade to Apache Cayenne 4.2 or a patched version of Java (after 6u211, 7u201, 8u191, and 11.0.1)\n\nAll versions of Apache Cayenne 4.2 have whitelisting enabled by default for the Hessian deserialization. Later versions of Java also have LDAP mitigation in place. Users can either upgrade Java or Apache Cayenne to avoid the issue.\n\nLDAP mitigation is present starting in JDK 6u211, 7u201, 8u191, and 11.0.1 where com.sun.jndi.ldap.object.trustURLCodebase system property is set to false by default to prevent JNDI from loading remote code through LDAP."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-24289",
"datePublished": "2022-02-11T12:20:15.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11758 (GCVE-0-2018-11758)
Vulnerability from nvd – Published: 2018-08-22 21:00 – Updated: 2024-09-16 20:07
VLAI?
Summary
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cayenne |
Affected:
4.1.M1
Affected: 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1 Affected: 3.1, 3.1.1, 3.1.2 |
Date Public ?
2018-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:17:09.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cayenne",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.1.M1"
},
{
"status": "affected",
"version": "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1"
},
{
"status": "affected",
"version": "3.1, 3.1.1, 3.1.2"
}
]
}
],
"datePublic": "2018-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T09:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-08-22T00:00:00",
"ID": "CVE-2018-11758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cayenne",
"version": {
"version_data": [
{
"version_value": "4.1.M1"
},
{
"version_value": "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1"
},
{
"version_value": "3.1, 3.1.1, 3.1.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c@%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-11758",
"datePublished": "2018-08-22T21:00:00.000Z",
"dateReserved": "2018-06-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:07:21.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24289 (GCVE-0-2022-24289)
Vulnerability from cvelistv5 – Published: 2022-02-11 12:20 – Updated: 2024-08-03 04:07
VLAI?
Title
Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions
Summary
Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution.
Severity ?
No CVSS data available.
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cayenne |
Affected:
4.1 , ≤ 4.1
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cayenne",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "4.1",
"status": "affected",
"version": "4.1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Panda"
}
],
"descriptions": [
{
"lang": "en",
"value": "Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne\u0027s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to \u0027remote\u0027 applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution."
}
],
"metrics": [
{
"other": {
"content": {
"other": "moderate"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-11T15:06:14.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"workarounds": [
{
"lang": "en",
"value": "Either upgrade to Apache Cayenne 4.2 or a patched version of Java (after 6u211, 7u201, 8u191, and 11.0.1)\n\nAll versions of Apache Cayenne 4.2 have whitelisting enabled by default for the Hessian deserialization. Later versions of Java also have LDAP mitigation in place. Users can either upgrade Java or Apache Cayenne to avoid the issue.\n\nLDAP mitigation is present starting in JDK 6u211, 7u201, 8u191, and 11.0.1 where com.sun.jndi.ldap.object.trustURLCodebase system property is set to false by default to prevent JNDI from loading remote code through LDAP."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-24289",
"STATE": "PUBLIC",
"TITLE": "Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cayenne",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "4.1",
"version_value": "4.1"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Panda"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne\u0027s optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to \u0027remote\u0027 applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{
"other": "moderate"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/zthjy83t3o66x7xcbygn2vg3yjvlc9vc"
},
{
"name": "[oss-security] 20220211 CVE-2022-24289: Apache Cayenne: Deserialization of untrusted data in the Hessian Component of Apache Cayenne 4.1 with older Java versions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/02/11/1"
}
]
},
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Either upgrade to Apache Cayenne 4.2 or a patched version of Java (after 6u211, 7u201, 8u191, and 11.0.1)\n\nAll versions of Apache Cayenne 4.2 have whitelisting enabled by default for the Hessian deserialization. Later versions of Java also have LDAP mitigation in place. Users can either upgrade Java or Apache Cayenne to avoid the issue.\n\nLDAP mitigation is present starting in JDK 6u211, 7u201, 8u191, and 11.0.1 where com.sun.jndi.ldap.object.trustURLCodebase system property is set to false by default to prevent JNDI from loading remote code through LDAP."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-24289",
"datePublished": "2022-02-11T12:20:15.000Z",
"dateReserved": "2022-02-01T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-11758 (GCVE-0-2018-11758)
Vulnerability from cvelistv5 – Published: 2018-08-22 21:00 – Updated: 2024-09-16 20:07
VLAI?
Summary
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Cayenne |
Affected:
4.1.M1
Affected: 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1 Affected: 3.1, 3.1.1, 3.1.2 |
Date Public ?
2018-08-22 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:17:09.028Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Cayenne",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "4.1.M1"
},
{
"status": "affected",
"version": "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1"
},
{
"status": "affected",
"version": "3.1, 3.1.1, 3.1.2"
}
]
}
],
"datePublic": "2018-08-22T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-28T09:57:01.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2018-08-22T00:00:00",
"ID": "CVE-2018-11758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Cayenne",
"version": {
"version_data": [
{
"version_value": "4.1.M1"
},
{
"version_value": "3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1"
},
{
"version_value": "3.1, 3.1.1, 3.1.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c@%3Cuser.cayenne.apache.org%3E"
},
{
"name": "105142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2018-11758",
"datePublished": "2018-08-22T21:00:00.000Z",
"dateReserved": "2018-06-05T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:07:21.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}