Vulnerability Description
Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine whether the SASL handshake had successfully completed could be disabled in production settings, leaving the validation incomplete.
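The bug class described above is a completion check implemented as a Java `assert`, which the JVM skips unless started with `-ea`. The following is an added illustration of that pattern beside a hardened form; it is hypothetical example code, not Apache Thrift's own implementation, and the `FakeSasl` class and method names are assumptions.

```java
import java.io.IOException;

// Hypothetical classes modelled on the pattern described in the advisory;
// not Apache Thrift's TSaslTransport code.
public class SaslHandshakeCheck {

    /** Simulates a SASL negotiation that may or may not have completed. */
    static class FakeSasl {
        private final boolean complete;
        FakeSasl(boolean complete) { this.complete = complete; }
        boolean isComplete() { return complete; }
    }

    /** Vulnerable pattern: the only completion check is a Java assert.
     *  Assertions are disabled by default (enabled only with -ea), so in a
     *  production JVM this method returns normally even when the handshake
     *  never completed. */
    static void openWithAssert(FakeSasl sasl) throws IOException {
        assert sasl.isComplete() : "SASL handshake not complete";
        // ... would proceed to exchange application data over the transport
    }

    /** Hardened pattern: an explicit runtime check that cannot be switched
     *  off by JVM configuration. */
    static void openWithCheck(FakeSasl sasl) throws IOException {
        if (!sasl.isComplete()) {
            throw new IOException("SASL handshake not complete");
        }
    }

    public static void main(String[] args) {
        FakeSasl incomplete = new FakeSasl(false);  // constructed sample input
        boolean assertionsEnabled = false;
        assert assertionsEnabled = true;  // assignment only runs under -ea
        System.out.println("assertions enabled: " + assertionsEnabled);
        try {
            openWithAssert(incomplete);
            System.out.println("assert-based check: accepted an incomplete handshake");
        } catch (AssertionError | IOException e) {
            System.out.println("assert-based check: rejected (" + e + ")");
        }
        try {
            openWithCheck(incomplete);
            System.out.println("explicit check: accepted an incomplete handshake");
        } catch (IOException e) {
            System.out.println("explicit check: rejected (" + e.getMessage() + ")");
        }
    }
}
```

Run it once with `java SaslHandshakeCheck` and once with `java -ea SaslHandshakeCheck` to see the assert-based check accept the incomplete handshake only in the default (assertions off) configuration.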
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Thrift | >= 0.5.0, <= 0.11.0 |
| Debian | Debian Linux | 8.0 |
| F5 | Traffix Signaling Delivery Controller | >= 5.0.0, <= 5.1.0 |
| Oracle | Global Lifecycle Management Opatch | < 11.2.0.3.23 |
| Oracle | Nosql Database | < 19.3.12 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2019/07/24/3 (Mailing List, Third Party Advisory)
- http://www.securityfocus.com/bid/106551 (Third Party Advisory, VDB Entry)
- https://access.redhat.com/errata/RHSA-2019:2413 (Third Party Advisory)
- https://lists.apache.org/thread.html/07c3cd5a2953a4b253eee4437b1397b1603d0f88643
- https://lists.apache.org/thread.html/187684ac8b94d55256253f5220cb55e8bd568afdf9a
- https://lists.apache.org/thread.html/3d3b6849fcf4cd1e87703b3dde0d57aabeb9ba0193d
- https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e
- https://lists.apache.org/thread.html/6b07f6f618155c777191b4fad8ade0f0cf4ed4c12a1
- https://lists.apache.org/thread.html/8be5b16c02567fff61b1284e5df433a4e38617bc7de
- https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12e
- https://lists.apache.org/thread.html/da5234b5e78f1c99190407f791dfe1bf6c58de8d30d
- https://lists.apache.org/thread.html/dbe3a39b48900318ad44494e8721f786901ba4520cd
- https://lists.apache.org/thread.html/dfee89880c84874058c6a584d8128468f8d3c2ac250
- https://lists.apache.org/thread.html/e825ff2f4e129c0ecdb6a19030b53c1ccdf810a8980
- https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d28
FAQ
What is CVE-2018-1320?
CVE-2018-1320 is a vulnerability with a CVSS score of 7.5 (HIGH). Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine i...
How severe is CVE-2018-1320?
CVE-2018-1320 has been rated HIGH with a CVSS base score of 7.5/10.
Is there a patch for CVE-2018-1320?
Check the references section above for vendor advisories and patch information. Affected products include: Apache Thrift, Debian Debian Linux, F5 Traffix Signaling Delivery Controller, Oracle Global Lifecycle Management Opatch, Oracle Nosql Database.