Vulnerability Description
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the `createMBServerConnectorFactory` property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.
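The property named above is set programmatically on InstrumentationManagerImpl. The following Java example is added here for illustration and is not code from the CXF project or from the advisory: it places the weak configuration (CXF opening its own RMI connector server on an assumed URL and port, 9913) next to the configuration-level hardening the description implies, which is to keep `createMBServerConnectorFactory` disabled and register CXF's MBeans with the platform MBeanServer instead. It assumes the CXF 3.x `org.apache.cxf.management.jmx` API; upgrading to a fixed CXF release remains the primary remediation, this only removes the exposed connector.

```java
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.management.InstrumentationManager;
import org.apache.cxf.management.jmx.InstrumentationManagerImpl;

/**
 * Added example (not CXF project code): weak vs. hardened JMX wiring for a CXF bus.
 * The JMX service URL and port below are assumptions for the demonstration.
 */
public class CxfJmxConfig {

    /**
     * Weak: CXF creates its own connector server and RMI registry at the given URL.
     * On the CXF versions the advisory lists, another process on the same host can
     * rebind the registry entry and proxy the JMX traffic (CVE-2020-1954).
     */
    static InstrumentationManagerImpl weakConfig(Bus bus) {
        InstrumentationManagerImpl im = new InstrumentationManagerImpl();
        im.setBus(bus);
        im.setEnabled(true);
        im.setCreateMBServerConnectorFactory(true);   // the property the advisory warns about
        im.setJMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:9913/jmxrmi"); // assumed URL
        im.init();
        return im;
    }

    /**
     * Hardened: register CXF MBeans with the JVM's platform MBeanServer and do not let
     * CXF open a connector of its own. Any remote JMX access is then governed by the
     * JVM's JMX agent settings (authentication, TLS), not by an unauthenticated registry
     * that a local attacker can rebind.
     */
    static InstrumentationManagerImpl hardenedConfig(Bus bus) {
        InstrumentationManagerImpl im = new InstrumentationManagerImpl();
        im.setBus(bus);
        im.setEnabled(true);
        im.setUsePlatformMBeanServer(true);
        im.setCreateMBServerConnectorFactory(false);  // no CXF-managed RMI connector/registry
        im.init();
        return im;
    }

    public static void main(String[] args) {
        Bus bus = BusFactory.getDefaultBus();
        InstrumentationManagerImpl im = hardenedConfig(bus);
        bus.setExtension(im, InstrumentationManager.class);
        // CXF MBeans are now visible through the platform MBeanServer only.
        System.out.println("MBeanServer in use: " + im.getMBeanServer());
        bus.shutdown(true);
    }
}
```

The same two settings map onto the Spring `<jaxws:...>`-style bean configuration of InstrumentationManagerImpl as the `createMBServerConnectorFactory` and `usePlatformMBeanServer` properties; whichever form a deployment uses, check that the former is `false` on any CXF version below the fixed releases.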
CVSS Score
5.3 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apache | Cxf | < 3.2.13 |
| Oracle | Communications Diameter Signaling Router | >= 8.0.0, <= 8.2.2 |
| Oracle | Communications Element Manager | >= 8.2.0, <= 8.2.2 |
| Oracle | Communications Session Report Manager | >= 8.2.0, <= 8.2.2 |
| Oracle | Enterprise Manager Base Platform | 13.2.1.0 |
| Oracle | Peoplesoft Enterprise Peopletools | 8.56 |
| Netapp | Oncommand Workflow Automation | - |
| Netapp | Snapmanager | - |
| Oracle | Communications Diameter Signaling Router Idih | >= 8.0.0, <= 8.2.2 |
| Oracle | Communications Session Route Manager | >= 8.2.0, <= 8.2.2 |
References
- http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&m (Vendor Advisory)
- https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fd
- https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba7
- https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49
- https://security.netapp.com/advisory/ntap-20220210-0001/ (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpuoct2020.html (Patch, Third Party Advisory)
FAQ
What is CVE-2020-1954?
CVE-2020-1954 is a vulnerability with a CVSS score of 5.3 (MEDIUM) in Apache CXF's JMX integration. CXF registers an InstrumentationManager extension with the CXF bus; if the `createMBServerConnectorFactory` property of the default InstrumentationManagerImpl is not disabled, an attacker on the same host can connect to the RMI registry CXF creates, rebind the entry to a server they control, and proxy (and read) all JMX traffic.
How severe is CVE-2020-1954?
CVE-2020-1954 has been rated MEDIUM with a CVSS base score of 5.3/10. Only the base score and rating are given on this page; the attack requires local access to the host running CXF, which is the main factor keeping the score in the medium range.
Is there a patch for CVE-2020-1954?
Yes. Per the affected-products table, Apache CXF versions before 3.2.13 are affected, so upgrading CXF to 3.2.13 or later addresses it; as an interim measure, disable the `createMBServerConnectorFactory` property on the InstrumentationManagerImpl so CXF does not open its own RMI connector. For the downstream products (Oracle Communications Diameter Signaling Router, Communications Element Manager, Communications Session Report Manager, Enterprise Manager Base Platform, PeopleSoft Enterprise PeopleTools, and the NetApp products listed), see the Oracle and NetApp advisories in the references section for patch information.