CVE-2022-46363 - OpenCVE

A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Apache	Cxf

Configuration 1 [-]

OR	cpe:2.3:a:apache:cxf::::::::
	cpe:2.3:a:apache:cxf::::::::

References

Link	Resource
https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c	Mailing List Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: apache

Published: 2022-12-13T14:46:55.619Z

Updated: 2022-12-13T14:48:16.676Z

Reserved: 2022-12-02T08:07:29.876Z

Link: CVE-2022-46363

JSON object: View

NVD Information

Status : Modified

Published: 2022-12-13T15:15:11.677

Modified: 2023-11-07T03:55:35.590

Link: CVE-2022-46363

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-46363", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "requesterUserId": "cf81350d-439c-4450-9d42-0a054bb6b6c9", "dateReserved": "2022-12-02T08:07:29.876Z", "datePublished": "2022-12-13T14:46:55.619Z", "dateUpdated": "2022-12-13T14:48:16.676Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache CXF", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "3.5.5", "status": "affected", "version": "3.5", "versionType": "maven"}, {"lessThan": "3.4.10", "status": "affected", "version": "3.4", "versionType": "maven"}]}], "credits": [{"lang": "en", "type": "finder", "value": "thanat0s from Beijin Qihoo 360 adlab"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.<br><br>"}], "value": "A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the\u00a0CXFServlet is configured with both the\u00a0static-resources-list and\u00a0redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.\n\n"}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2022-12-13T14:48:16.676Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"}], "source": {"discovery": "EXTERNAL"}, "title": "Apache CXF directory listing / code exfiltration", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*", "matchCriteriaId": "17B5E32D-A436-4C79-BEE9-6A2DB162DC66", "versionEndExcluding": "3.4.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*", "matchCriteriaId": "11EC4474-4CB6-47CD-9E3D-A998A3C7226C", "versionEndExcluding": "3.5.5", "versionStartIncluding": "3.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Apache CXF before versions 3.5.5 and 3.4.10 allows an attacker to perform a remote directory listing or code exfiltration. The vulnerability only applies when the\u00a0CXFServlet is configured with both the\u00a0static-resources-list and\u00a0redirect-query-check attributes. These attributes are not supposed to be used together, and so the vulnerability can only arise if the CXF service is misconfigured.\n\n"}, {"lang": "es", "value": "Una vulnerabilidad en Apache CXF anterior a las versiones 3.5.5 y 3.4.10 permite a un atacante realizar un listado de directorio remoto o una filtraci\u00f3n de c\u00f3digo. La vulnerabilidad solo se aplica cuando CXFServlet est\u00e1 configurado con los atributos est\u00e1tico-recursos-lista y redirecci\u00f3n-query-check. Se supone que estos atributos no deben usarse juntos, por lo que la vulnerabilidad solo puede surgir si el servicio CXF est\u00e1 mal configurado."}], "id": "CVE-2022-46363", "lastModified": "2023-11-07T03:55:35.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-13T15:15:11.677", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security@apache.org", "type": "Primary"}]}