exploit the possibilities

Red Hat Security Advisory 2020-2905-01

Red Hat Security Advisory 2020-2905-01
Posted Jul 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2905-01 - This release of Red Hat build of Thorntail 2.7.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include bypass, code execution, cross site scripting, memory exhaustion, and traversal vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2019-12423, CVE-2019-17573, CVE-2020-10688, CVE-2020-10705, CVE-2020-10719, CVE-2020-1695, CVE-2020-1697, CVE-2020-1698, CVE-2020-1714, CVE-2020-1718, CVE-2020-1719, CVE-2020-1724, CVE-2020-1727, CVE-2020-1732, CVE-2020-1744, CVE-2020-1745, CVE-2020-1757, CVE-2020-6950
MD5 | 967e492d0ac87f72690605873103b03c

Red Hat Security Advisory 2020-2905-01

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat build of Thorntail 2.7.0 security and bug fix update
Advisory ID: RHSA-2020:2905-01
Product: Red Hat OpenShift Application Runtimes
Advisory URL: https://access.redhat.com/errata/RHSA-2020:2905
Issue date: 2020-07-23
CVE Names: CVE-2019-12423 CVE-2019-17573 CVE-2020-1695
CVE-2020-1697 CVE-2020-1698 CVE-2020-1714
CVE-2020-1718 CVE-2020-1719 CVE-2020-1724
CVE-2020-1727 CVE-2020-1732 CVE-2020-1744
CVE-2020-1745 CVE-2020-1757 CVE-2020-6950
CVE-2020-10688 CVE-2020-10705 CVE-2020-10719
====================================================================
1. Summary:

An update is now available for Red Hat build of Thorntail.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each
vulnerability. For more information, see the CVE links in the References
section.

2. Description:

This release of Red Hat build of Thorntail 2.7.0 includes security updates,
bug fixes, and enhancements. For more information, see the release notes
listed in the References section.

Security Fix(es):

* Wildfly: EJBContext principal is not popped back after invoking another
EJB using a different Security Domain (CVE-2020-1719)

* cxf: reflected XSS in the services listing page (CVE-2019-17573)

* undertow: AJP File Read/Inclusion Vulnerability (CVE-2020-1745)

* Mojarra: Path traversal via either the loc parameter or the con
parameter, incomplete fix of CVE-2018-14371 (CVE-2020-6950)

* resteasy: Improper validation of response header in
MediaTypeHeaderDelegate.java class (CVE-2020-1695)

* undertow: servletPath is normalized incorrectly leading to dangerous
application mapping which could result in security bypass (CVE-2020-1757)

* keycloak: stored XSS in client settings via application links
(CVE-2020-1697)

* keycloak: problem with privacy after user logout (CVE-2020-1724)

* keycloak: Password leak by logged exception in HttpMethod class
(CVE-2020-1698)

* cxf: OpenId Connect token service does not properly validate the clientId
(CVE-2019-12423)

* Soteria: security identity corruption across concurrent threads
(CVE-2020-1732)

* keycloak: missing input validation in IDP authorization URLs
(CVE-2020-1727)

* keycloak: failedLogin Event not sent to BruteForceProtector when using
Post Login Flow with Conditional-OTP (CVE-2020-1744)

* keycloak: security issue on reset credential flow (CVE-2020-1718)

* keycloak: Lack of checks in ObjectInputStream leading to Remote Code
Execution (CVE-2020-1714)

* RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected
XSS attack (CVE-2020-10688)

* undertow: invalid HTTP request with large chunk size (CVE-2020-10719)

* undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-
continue" header (CVE-2020-10705)

For more details about the security issues and their impact, the CVSS
score, acknowledgements, and other related information, see the CVE pages
listed in the References section.

3. Solution:

Before applying the update, back up your existing installation, including
all applications, configuration files, databases and database settings, and
so on.

The References section of this erratum contains a download link for the
update. You must be logged in to download the update.

4. Bugs fixed (https://bugzilla.redhat.com/):

1705975 - CVE-2020-1714 keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
1730462 - CVE-2020-1695 resteasy: Improper validation of response header in MediaTypeHeaderDelegate.java class
1752770 - CVE-2020-1757 undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
1790292 - CVE-2020-1698 keycloak: Password leak by logged exception in HttpMethod class
1791538 - CVE-2020-1697 keycloak: stored XSS in client settings via application links
1796617 - CVE-2020-1719 Wildfly: EJBContext principal is not popped back after invoking another EJB using a different Security Domain
1796756 - CVE-2020-1718 keycloak: security issue on reset credential flow
1797006 - CVE-2019-12423 cxf: OpenId Connect token service does not properly validate the clientId
1797011 - CVE-2019-17573 cxf: reflected XSS in the services listing page
1800527 - CVE-2020-1724 keycloak: problem with privacy after user logout
1800573 - CVE-2020-1727 keycloak: missing input validation in IDP authorization URLs
1801726 - CVE-2020-1732 Soteria: security identity corruption across concurrent threads
1803241 - CVE-2020-10705 undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-continue" header
1805006 - CVE-2020-6950 Mojarra: Path traversal via either the loc parameter or the con parameter, incomplete fix of CVE-2018-14371
1805792 - CVE-2020-1744 keycloak: failedLogin Event not sent to BruteForceProtector when using Post Login Flow with Conditional-OTP
1807305 - CVE-2020-1745 undertow: AJP File Read/Inclusion Vulnerability
1814974 - CVE-2020-10688 RESTEasy: RESTEASY003870 exception in RESTEasy can lead to a reflected XSS attack
1828459 - CVE-2020-10719 undertow: invalid HTTP request with large chunk size

5. References:

https://access.redhat.com/security/cve/CVE-2019-12423
https://access.redhat.com/security/cve/CVE-2019-17573
https://access.redhat.com/security/cve/CVE-2020-1695
https://access.redhat.com/security/cve/CVE-2020-1697
https://access.redhat.com/security/cve/CVE-2020-1698
https://access.redhat.com/security/cve/CVE-2020-1714
https://access.redhat.com/security/cve/CVE-2020-1718
https://access.redhat.com/security/cve/CVE-2020-1719
https://access.redhat.com/security/cve/CVE-2020-1724
https://access.redhat.com/security/cve/CVE-2020-1727
https://access.redhat.com/security/cve/CVE-2020-1732
https://access.redhat.com/security/cve/CVE-2020-1744
https://access.redhat.com/security/cve/CVE-2020-1745
https://access.redhat.com/security/cve/CVE-2020-1757
https://access.redhat.com/security/cve/CVE-2020-6950
https://access.redhat.com/security/cve/CVE-2020-10688
https://access.redhat.com/security/cve/CVE-2020-10705
https://access.redhat.com/security/cve/CVE-2020-10719
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&productÊtRhoar.thorntail&version=2.7.0
https://access.redhat.com/documentation/en-us/red_hat_build_of_thorntail/2.7/html/release_notes_for_thorntail_2.7/

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXxk2rdzjgjWX9erEAQjSbQ//e0FG83JQFpQV7HUEsjPMB7+tT0UgoTXQ
KnfasEPEP7wnPU07lZiVW94sxhUC/hAhce1KWIR3nT3uesMO4S+7o2vmgOwax1G7
yYsG1SRX4KK5Ma7Qvyx8lM+6TN0MNNrXGvFsqcYF1pJBL/1tfZfb/ciiqjrsR0Tp
v20FKuNrNmn4IPRzN04AZafOG9tXQ8XMqkJaWxh8s4dupvElG4ywmYletwYLYMxS
5X+SVmQ9TtGSgJF6HUGoL0wsTbMtdlJPRrchhbjzAi00ZY5hElVa+MOzdyCFYygv
ev0iz9m0foF1bXfbJTfpzbOnz/f3uJUTKCzz+mLf3voeqbvXnzUNn74MXZQynR8G
LNFVpLo0U/d0wULkSSdFjqer+IxeUWRwcl2km1U42f+0BiCb4K3uHIjhkfAdRFFQ
7K8Nl/2GfJnLywD8693xSKi/6MeCHC2HhrYb9A89lXoebX/3WXkNUC4ReGL80+fg
3z7793xt6QzV9V+WOH8NbQS4SzpAOkusHMew7sQpLxU8r9uaF1KibshjUGq/rZlA
YswTjYHqNLja7kx8GDejpO/RAhMq6asm38YtFzY+Qtipe8xcAxSrTiO6FLN+Xv0M
YlvsaeWblymoLwbQ5ON59VoFFe1YgzIQP0CJEbWbnJl0UHdIldAbv22e4Trnw58t
ZwsJot3fnjU=2k8f
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
Login or Register to add favorites

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close