3 Replies Latest reply on May 8, 2015 9:43 AM by Juan Antonio Perez Flores

    Red Hat JBoss Vulnerability - Clarification

    ramakanta sahoo Newbie

      Hello eveyone,

      We have a customer who is using JBOSS 5.1.0 GA for the app server.
      We have received news on Application Vulnerability known as Red Hat JBoss Enterprise Application Platform Bugs Let Remote Users Obtain Potentially Sensitive Information and Remote Authenticated Users  Bypass Security Controls Please refer to the information below:

      Severity:
      Medium

      Version(s): JBOSS Enterprise Application Platform 6.3.3

      Description:
      Several vulnerabilities were reported in Red Hat JBoss Enterprise Application Platform. A remote authenticated user can add or modify system information. A remote authenticated user can bypass security restrictions.
      A remote user can obtain potentially sensitive information.

      A remote user that can send XML requests to a RESTEasy endpoing can send a specially crafted request that specifies external external entities to read files on the target system with the privileges of the target application server [CVE-2014-7839].

      A remote authenticated user with the Maintainer role can exploit a flaw in the Role Based Access Control (RBAC) implementation to add, modify, or undefine certain restricted attributes and values  [CVE-2014-7849].

      A remote authenticated user with a role that has access to attributes with socket-binding-ref but not to attributes with security-domain-ref sensitivity classification on the target JBoss Application Server(WildFly) can exploit a flaw in the JacORB subsystem to gain access to potentially sensitive information in the security-domain attribute [CVE-2014-7853].

      A remote authenticated user can exploit a policy fallback flaw in the org.jboss.security.plugins.mapping.JBossMappingManager implementation to bypass security restrictions [CVE-2014-7827]. The SAML2 STS LoginModule is affected.

      The system does not properly handle conversation state information when a conversation ends. A remote user may be able to access potentially sensitive information from a previous conversation [CVE-2014-8122].

      Impact:
      A remote authenticated user can add, modify, or undefine certain restricted attributes and values.

      A remote authenticated user can bypass security restrictions.

      A remote user can obtain potentially sensitive information.

      Affected OS(s):
      Linux (Red Hat Enterprise)

      Affected Version(s):
      10.5 Build 52.11 - 10.5 Build 55.8; 10.5.e Build 53-9010.e

      CVE:
      CVE-2014-7827, CVE-2014-7839, CVE-2014-7849, CVE-2014-7853, CVE-2014-8122

      Solution(s):
      Red Hat has issued a fix.

      The Red Hat advisories are available at:

      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0215[dot]html
      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0216[dot]html
      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0217[dot]html
      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0218[dot]html

      Red Hat has also issued a fix for CVE-2014-7827, CVE-2014-7839, and
      CVE-2014-8122 for Red Hat JBoss BPM Suite.

      The Red Hat advisory is available at:

      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0851[dot]html

      Red Hat has also issued a fix for for CVE-2014-7827, CVE-2014-7839, and
      CVE-2014-8122 for Red Hat JBoss Operations Network.

      The Red Hat advisory is available at:

      https://rhn[dot]redhat[dot]com/errata/RHSA-2015-0920[dot]html


      Reference(s):
      http://rhn[dot]redhat[dot]com/errata/RHSA-2015-0215[dot]html

      I would like to know if the above mentioned vulnerabilties are also present in the JBOSS 5.1.0 GA libraries. If so, are there any fixes for the same.

      Thanks,
      Darshan H