Vulnerability Name:

CVE-2009-0027 (CCN-49144)

Assigned: 2008-12-15
Published: 2009-03-06
Updated: 2009-03-21
Summary: The request handler in JBossWS in JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP06 and 4.3 before 4.3.0.CP04 does not properly validate the resource path during a request for a WSDL file with a custom web-service endpoint, which allows remote attackers to read arbitrary XML files via a crafted request.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-20
Vulnerability Consequences: Obtain Information
References:

Source: MITRE
Type: CNA
CVE-2009-0027

Source: CCN
Type: RHSA-2009-0346
Moderate: JBoss Enterprise Application Platform 4.2.0CP06 update

Source: REDHAT
Type: Patch
RHSA-2009:0346

Source: CCN
Type: RHSA-2009-0347
Moderate: JBoss Enterprise Application Platform 4.3.0CP04 update

Source: REDHAT
Type: Patch
RHSA-2009:0347

Source: CCN
Type: RHSA-2009-0348
Moderate: JBoss Enterprise Application Platform 4.2.0CP06 update

Source: REDHAT
Type: Vendor Advisory
RHSA-2009:0348

Source: CCN
Type: RHSA-2009-0349
Moderate: JBoss Enterprise Application Platform 4.3.0CP04 update

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2009:0349

Source: CCN
Type: SA34112
JBoss Web Services XML File Disclosure Vulnerability

Source: SECUNIA
Type: UNKNOWN
34112

Source: CCN
Type: SECTRACK ID: 1021817
JBoss Enterprise Application Platform Discloses XML Files to Remote Users

Source: CCN
Type: JBoss Web site
JBossWS

Source: CCN
Type: OSVDB ID: 56358
JBoss Enterprise Application Platform Web Services Crafted Request Arbitrary XML File Disclosure

Source: BID
Type: UNKNOWN
34023

Source: CCN
Type: BID-34023
JBoss Enterprise Application Platform Arbitrary XML File Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1021817

Source: CCN
Type: Red Hat Bugzilla - Bug 479668
CVE-2009-0027 JBoss EAP unprivileged local xml file access

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=479668

Source: XF
Type: UNKNOWN
jboss-wsdl-information-disclosure(49144)

Source: CONFIRM
Type: UNKNOWN
https://jira.jboss.org/jira/browse/JBPAPP-1548

Vulnerable Configuration: Configuration 1:
  • cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp01:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp02:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp03:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp04:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp05:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp06:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0:cp01:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0:cp02:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0:cp03:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0:cp04:*:*:*:*:*:*

  • * Denotes that component is vulnerable