CVE-2018-1337 - OpenCVE

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request).

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Directory Ldap Api

Configuration 1 [-]

cpe:2.3:a:apache:directory_ldap_api:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/104744	Third Party Advisory VDB Entry
https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f%40%3Cdev.directory.apache.org%3E
https://lists.apache.org/thread.html/r0e645b3f6ca977dc60b7cec231215c59a9471736c2402c1fef5a0616%40%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r1815fb5b0c345f571c740e7a1b48d7477647edd4ffcf9d5321e69446%40%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r1a258430d820a90ff9d4558319296cc517ff2252327d7b3546d16749%40%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4da40aa50cfdb2158898f2bc6df81feec1d42c6a06db6537d5cc0496%40%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r55e74532e7f9e84ecfa56b4e0a50a5fe0ba6f7a76880520e4400b0d7%40%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r56b304fb9960c869995efbb31da3b9b7c6d53ee31f7f7048eb80434b%40%3Cdev.kafka.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2018-07-10T00:00:00

Updated: 2020-08-24T14:06:20

Reserved: 2017-12-07T00:00:00

Link: CVE-2018-1337

JSON object: View

NVD Information

Status : Modified

Published: 2018-07-10T13:29:00.293

Modified: 2023-11-07T02:55:59.343

Link: CVE-2018-1337

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "Apache Directory", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "LDAP API prior to 1.0.2"}]}], "datePublic": "2018-07-10T00:00:00", "descriptions": [{"lang": "en", "value": "In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request)."}], "problemTypes": [{"descriptions": [{"description": "Plaintext Password Disclosure in Secured Channel", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-24T14:06:20", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "104744", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/104744"}, {"name": "[directory-dev] 20180710 [Annoucement] CVE-2018-1337 Plaintext Password Disclosure in Secured Channel", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f%40%3Cdev.directory.apache.org%3E"}, {"name": "[kafka-jira] 20200818 [jira] [Assigned] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1a258430d820a90ff9d4558319296cc517ff2252327d7b3546d16749%40%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-dev] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r56b304fb9960c869995efbb31da3b9b7c6d53ee31f7f7048eb80434b%40%3Cdev.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r55e74532e7f9e84ecfa56b4e0a50a5fe0ba6f7a76880520e4400b0d7%40%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200819 [jira] [Updated] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r4da40aa50cfdb2158898f2bc6df81feec1d42c6a06db6537d5cc0496%40%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r0e645b3f6ca977dc60b7cec231215c59a9471736c2402c1fef5a0616%40%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-dev] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1815fb5b0c345f571c740e7a1b48d7477647edd4ffcf9d5321e69446%40%3Cdev.kafka.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2018-07-10T00:00:00", "ID": "CVE-2018-1337", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Directory", "version": {"version_data": [{"version_value": "LDAP API prior to 1.0.2"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Plaintext Password Disclosure in Secured Channel"}]}]}, "references": {"reference_data": [{"name": "104744", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104744"}, {"name": "[directory-dev] 20180710 [Annoucement] CVE-2018-1337 Plaintext Password Disclosure in Secured Channel", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f@%3Cdev.directory.apache.org%3E"}, {"name": "[kafka-jira] 20200818 [jira] [Assigned] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1a258430d820a90ff9d4558319296cc517ff2252327d7b3546d16749@%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-dev] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r56b304fb9960c869995efbb31da3b9b7c6d53ee31f7f7048eb80434b@%3Cdev.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200818 [jira] [Created] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r55e74532e7f9e84ecfa56b4e0a50a5fe0ba6f7a76880520e4400b0d7@%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200819 [jira] [Updated] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4da40aa50cfdb2158898f2bc6df81feec1d42c6a06db6537d5cc0496@%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-jira] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0e645b3f6ca977dc60b7cec231215c59a9471736c2402c1fef5a0616@%3Cjira.kafka.apache.org%3E"}, {"name": "[kafka-dev] 20200824 [jira] [Resolved] (KAFKA-10414) Upgrade api-util dependency - CVE-2018-1337", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1815fb5b0c345f571c740e7a1b48d7477647edd4ffcf9d5321e69446@%3Cdev.kafka.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2018-1337", "datePublished": "2018-07-10T00:00:00", "dateReserved": "2017-12-07T00:00:00", "dateUpdated": "2020-08-24T14:06:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:directory_ldap_api:*:*:*:*:*:*:*:*", "matchCriteriaId": "ACB64EAC-EC76-4C37-89A4-FB99CFF2721C", "versionEndExcluding": "1.0.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request)."}, {"lang": "es", "value": "En la API LDAP de Apache Directory, en versiones anteriores a la 1.0.2, un error en la forma en la que el filtro SSL se configuraba hac\u00eda posible que otro hilo empleara la conexi\u00f3n antes de que se estableciera la capa TLS, si la conexi\u00f3n ya se hab\u00eda empleado y colocado de nuevo en un grupo de conexiones, lo que conducir\u00eda al filtrado de cualquier tipo de informaci\u00f3n contenida en esta petici\u00f3n (incluyendo las credenciales al enviar una petici\u00f3n BIND)."}], "id": "CVE-2018-1337", "lastModified": "2023-11-07T02:55:59.343", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-10T13:29:00.293", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/104744"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/d66081195e9a02ee7cc20fb243b60467d1419586eed28297d820768f%40%3Cdev.directory.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r0e645b3f6ca977dc60b7cec231215c59a9471736c2402c1fef5a0616%40%3Cjira.kafka.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1815fb5b0c345f571c740e7a1b48d7477647edd4ffcf9d5321e69446%40%3Cdev.kafka.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1a258430d820a90ff9d4558319296cc517ff2252327d7b3546d16749%40%3Cjira.kafka.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r4da40aa50cfdb2158898f2bc6df81feec1d42c6a06db6537d5cc0496%40%3Cjira.kafka.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r55e74532e7f9e84ecfa56b4e0a50a5fe0ba6f7a76880520e4400b0d7%40%3Cjira.kafka.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r56b304fb9960c869995efbb31da3b9b7c6d53ee31f7f7048eb80434b%40%3Cdev.kafka.apache.org%3E"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}