CVE-2015-0226 - OpenCVE

Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Wss4j

Configuration 1 [-]

OR	cpe:2.3:a:apache:wss4j::::::::
	cpe:2.3:a:apache:wss4j:2.0:beta::::::
	cpe:2.3:a:apache:wss4j:2.0.0:::::::*
	cpe:2.3:a:apache:wss4j:2.0.0:rc1::::::
	cpe:2.3:a:apache:wss4j:2.0.1:::::::*

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2015-0846.html
http://rhn.redhat.com/errata/RHSA-2015-0847.html
http://rhn.redhat.com/errata/RHSA-2015-0848.html
http://rhn.redhat.com/errata/RHSA-2015-0849.html
http://rhn.redhat.com/errata/RHSA-2015-1176.html
http://rhn.redhat.com/errata/RHSA-2015-1177.html
http://www.securityfocus.com/bid/72553	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2016:1376
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us
https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc	Issue Tracking Vendor Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2017-10-30T14:00:00

Updated: 2019-07-23T22:31:30

Reserved: 2014-11-18T00:00:00

Link: CVE-2015-0226

JSON object: View

NVD Information

Status : Modified

Published: 2017-10-30T14:29:00.657

Modified: 2019-07-23T23:15:18.880

Link: CVE-2015-0226

JSON object: View

Redhat Information

No data.

CWE

CWE-327

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-02-15T00:00:00", "descriptions": [{"lang": "en", "value": "Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-23T22:31:30", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2016:1376", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"name": "RHSA-2015:0849", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html"}, {"name": "RHSA-2015:1176", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html"}, {"name": "RHSA-2015:1177", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html"}, {"name": "RHSA-2015:0848", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0848.html"}, {"name": "RHSA-2015:0846", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0846.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc"}, {"name": "RHSA-2015:0847", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0847.html"}, {"name": "72553", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/72553"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-0226", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2016:1376", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"name": "RHSA-2015:0849", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html"}, {"name": "RHSA-2015:1176", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html"}, {"name": "RHSA-2015:1177", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html"}, {"name": "RHSA-2015:0848", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0848.html"}, {"name": "RHSA-2015:0846", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0846.html"}, {"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us"}, {"name": "https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc", "refsource": "CONFIRM", "url": "https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc"}, {"name": "RHSA-2015:0847", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0847.html"}, {"name": "72553", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72553"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-0226", "datePublished": "2017-10-30T14:00:00", "dateReserved": "2014-11-18T00:00:00", "dateUpdated": "2019-07-23T22:31:30", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:wss4j:*:*:*:*:*:*:*:*", "matchCriteriaId": "74202DCA-B961-4842-B4F5-BC9BE9F57CF4", "versionEndIncluding": "1.6.16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:wss4j:2.0:beta:*:*:*:*:*:*", "matchCriteriaId": "4DE40CF6-930C-4B29-9E0F-8CB2DD29C569", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:wss4j:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6908C68-6E5B-4412-A6B1-E87EAA76249D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:wss4j:2.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "1BCF037D-27B1-40C8-A501-64818D7B6E02", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:wss4j:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACFB231E-B649-4A7F-B9D0-DC0BACC0B682", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487."}, {"lang": "es", "value": "Apache WSS4J versiones anteriores a 1.6.17 y versiones 2.0.x anteriores a 2.0.2, filtra informaci\u00f3n inapropiadamente sobre fallos de descifrado cuando se descifra una clave o datos de mensajes cifrados, lo que facilita a atacantes remotos recuperar el formulario de texto plano de una clave sim\u00e9trica por medio de una serie de mensajes dise\u00f1ados. NOTA: esta vulnerabilidad se presenta debido a una correcci\u00f3n incompleta de CVE-2011-2487."}], "id": "CVE-2015-0226", "lastModified": "2019-07-23T23:15:18.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-30T14:29:00.657", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0846.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0847.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0848.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1176.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1177.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/72553"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"source": "secalert@redhat.com", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03900en_us"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://ws.apache.org/wss4j/advisories/CVE-2015-0226.txt.asc"}, {"source": "secalert@redhat.com", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}