CVE-2014-0245 - OpenCVE

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0.

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Jboss Portal

Configuration 1 [-]

cpe:2.3:a:redhat:jboss_portal:6.2.0:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2015:1009	Vendor Advisory
https://access.redhat.com/security/cve/cve-2014-0245	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2020-01-02T19:42:50

Updated: 2020-01-02T19:42:50

Reserved: 2013-12-03T00:00:00

Link: CVE-2014-0245

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-02T20:15:17.770

Modified: 2020-01-14T17:15:03.223

Link: CVE-2014-0245

JSON object: View

Redhat Information

No data.

CWE

CWE-362

{"containers": {"cna": {"affected": [{"product": "JBoss Portal", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "6.2.0"}]}], "descriptions": [{"lang": "en", "value": "It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0."}], "problemTypes": [{"descriptions": [{"description": "Information disclosure via unsafe concurrency handling in interceptor", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-02T19:42:50", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/cve-2014-0245"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/errata/RHSA-2015:1009"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-0245", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "JBoss Portal", "version": {"version_data": [{"version_value": "6.2.0"}]}}]}, "vendor_name": "Red Hat"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information disclosure via unsafe concurrency handling in interceptor"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245"}, {"name": "https://access.redhat.com/security/cve/cve-2014-0245", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/cve-2014-0245"}, {"name": "https://access.redhat.com/errata/RHSA-2015:1009", "refsource": "MISC", "url": "https://access.redhat.com/errata/RHSA-2015:1009"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-0245", "datePublished": "2020-01-02T19:42:50", "dateReserved": "2013-12-03T00:00:00", "dateUpdated": "2020-01-02T19:42:50", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_portal:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE316DBF-6753-41A1-947B-1CA6184FC505", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain privileged information if WS-Security is enabled for the WSRP Consumer, and the endpoint in question is being used by a privileged user. This affects JBoss Portal 6.2.0."}, {"lang": "es", "value": "Se detect\u00f3 que la implementaci\u00f3n de la clase GTNSubjectCreatingInterceptor en gatein-wsrp no era segura para subprocesos o hilos. Para un endpoint WSRP espec\u00edfico, en escenarios de alta concurrencia o escenarios en los que los mensajes SOAP tardan en ser ejecutados, era posible que un atacante remoto no autenticado consiga informaci\u00f3n privilegiada si WS-Security est\u00e1 habilitado para el consumidor de WSRP, y el endpoint en cuesti\u00f3n est\u00e1 siendo utilizado por un usuario privilegiado. Esto afecta a JBoss Portal versi\u00f3n 6.2.0."}], "id": "CVE-2014-0245", "lastModified": "2020-01-14T17:15:03.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-02T20:15:17.770", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2015:1009"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/cve-2014-0245"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0245"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}