Lucene search

ApacheCVE-2021-40690

HistorySep 19, 2021 - 6:15 p.m.

CVE-2021-40690

2021-09-1918:15:07

CWE-200

apache

web.nvd.nist.gov

392

In Wild

apache santuario

xml security

java

cve-2021-40690

security vulnerability

xpath transform

retrievalmethod

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the “secureValidation” property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element.

Affected configurations

Nvd

Vulners

Node

apachesantuario_xml_security_for_javaRange<2.1.7

apachesantuario_xml_security_for_javaRange2.2.0–2.2.3

Node

apachecxfMatch3.4.4

apachetomeeRange<8.0.8

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

debiandebian_linuxMatch11.0

Node

oracleagile_plmMatch9.3.6

oraclecommerce_guided_searchMatch11.3.2

oraclecommerce_platformMatch11.3.2

oraclecommunications_diameter_intelligence_hubRange8.0.0–8.1.0

oraclecommunications_diameter_intelligence_hubRange8.2.0–8.2.3

oraclecommunications_messaging_serverMatch8.1

oracleflexcube_private_bankingMatch12.1.0

oracleoutside_in_technologyMatch8.5.5

oraclepeoplesoft_enterprise_peopletoolsMatch8.58

oraclepeoplesoft_enterprise_peopletoolsMatch8.59

oracleretail_bulk_data_integrationMatch16.0.3

oracleretail_financial_integrationMatch14.1.3.2

oracleretail_financial_integrationMatch15.0.3.1

oracleretail_financial_integrationMatch16.0.3

oracleretail_financial_integrationMatch19.0.1

oracleretail_integration_busMatch14.1.3.2

oracleretail_integration_busMatch15.0.3.1

oracleretail_integration_busMatch16.0.3

oracleretail_integration_busMatch19.0.1

oracleretail_merchandising_systemMatch16.0.3

oracleretail_merchandising_systemMatch19.0.1

oracleretail_service_backboneMatch14.1.3.2

oracleretail_service_backboneMatch15.0.3.1

oracleretail_service_backboneMatch16.0.3

oracleretail_service_backboneMatch19.0.1

oracleweblogic_serverMatch12.2.1.4.0

oracleweblogic_serverMatch14.1.1.0.0

VendorProductVersionCPE
apachesantuario_xml_security_for_java*cpe:2.3:a:apache:santuario_xml_security_for_java:*:*:*:*:*:*:*:*
apachecxf3.4.4cpe:2.3:a:apache:cxf:3.4.4:*:*:*:*:*:*:*
apachetomee*cpe:2.3:a:apache:tomee:*:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
debiandebian_linux11.0cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
oracleagile_plm9.3.6cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
oraclecommerce_guided_search11.3.2cpe:2.3:a:oracle:commerce_guided_search:11.3.2:*:*:*:*:*:*:*
oraclecommerce_platform11.3.2cpe:2.3:a:oracle:commerce_platform:11.3.2:*:*:*:*:*:*:*
oraclecommunications_diameter_intelligence_hub*cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
apache	santuario_xml_security_for_java	*	cpe:2.3:a:apache:santuario_xml_security_for_java::::::::
apache	cxf	3.4.4	cpe:2.3:a:apache:cxf:3.4.4:::::::*
apache	tomee	*	cpe:2.3:a:apache:tomee::::::::
debian	debian_linux	9.0	cpe:2.3:o:debian:debian_linux:9.0:::::::*
debian	debian_linux	10.0	cpe:2.3:o:debian:debian_linux:10.0:::::::*
debian	debian_linux	11.0	cpe:2.3:o:debian:debian_linux:11.0:::::::*
oracle	agile_plm	9.3.6	cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*
oracle	commerce_guided_search	11.3.2	cpe:2.3:a:oracle:commerce_guided_search:11.3.2:::::::*
oracle	commerce_platform	11.3.2	cpe:2.3:a:oracle:commerce_platform:11.3.2:::::::*
oracle	communications_diameter_intelligence_hub	*	cpe:2.3:a:oracle:communications_diameter_intelligence_hub::::::::

Rows per page:

1-10 of 321

CNA Affected

[
  {
    "vendor": "Apache Software Foundation",
    "product": "Apache Santuario",
    "versions": [
      {
        "version": "XML Security for Java",
        "status": "affected",
        "lessThan": "2.2.3,2.1.7",
        "versionType": "custom"
      }
    ]
  }
]