Vulnerability Name:

CVE-2011-1483 (CCN-69856)

Assigned:2011-09-16
Published:2011-09-16
Updated:2019-10-09
Summary:wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterprise BRMS Platform 5.1.0; and JBoss Enterprise Web Platform 5.1.1 does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested entity references, a similar issue to CVE-2003-1564.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-1483

Source: CCN
Type: RHSA-2011-1301
Important: jbossws-common security update

Source: CCN
Type: RHSA-2011-1306
Important: jbossws-common security update

Source: CCN
Type: RHSA-2011-1309
Important: jbossas security update

Source: CCN
Type: SA46048
Red Hat Multiple JBoss Products Web Services Native Denial of Service Vulnerability

Source: CCN
Type: SA54255
HP Network Node Manager i (NNMi) Multiple Vulnerabilities

Source: CONFIRM
Type: Patch
http://source.jboss.org/changelog/JBossWS/?cs=13996

Source: CCN
Type: JBoss Web site
JBoss Enterprise Application Platform

Source: CCN
Type: OSVDB ID: 75613
JBoss Multiple Product Web Services Native DTD Parsing Remote DoS

Source: CCN
Type: BID-49654
JBoss Enterprise Application Platform Remote Denial of Service Vulnerability

Source: CCN
Type: Red Hat Bugzilla Bug 692584
CVE-2011-1483 JBossWS remote Denial of Service

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=692584

Source: XF
Type: UNKNOWN
jboss-entity-dos(69856)

Source: CCN
Type: HP Security Bulletin HPSBMU02894 rev.1
HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Access, Execution of Arbitrary Code

Source: HP
Type: UNKNOWN
SSRT101110

Vulnerable Configuration:Configuration 1:
  • cpe:/a:redhat:jboss_communications_platform:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_communications_platform:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.2.0:cp09:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_brms_platform:5.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_portal_platform:4.3.0:cp06:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_portal_platform:5.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_soa_platform:4.2.0:cp05:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_soa_platform:4.3.0:cp05:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_soa_platform:5.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_web_platform:5.1.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:hp:network_node_manager_i:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:hp:network_node_manager_i:9.01:*:*:*:*:*:*:*
  • OR cpe:/a:hp:network_node_manager_i:9.02:*:*:*:*:*:*:*
  • OR cpe:/a:hp:network_node_manager_i:9.03:*:*:*:*:*:*:*
  • OR cpe:/a:hp:network_node_manager_i:9.10:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:redhat:jboss_enterprise_application_platform:4.3:*:*:*:*:*:*:*
  • AND
  • cpe:/a:hp:network_node_manager_i:9.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    redhat jboss communications platform 1.2.11
    redhat jboss communications platform 5.1.1
    redhat jboss enterprise application platform 4.2.0 cp09
    redhat jboss enterprise application platform 4.3.0
    redhat jboss enterprise application platform 5.1.1
    redhat jboss enterprise brms platform 5.1.0
    redhat jboss enterprise portal platform 4.3.0 cp06
    redhat jboss enterprise portal platform 5.1.1
    redhat jboss enterprise soa platform 4.2.0 cp05
    redhat jboss enterprise soa platform 4.3.0 cp05
    redhat jboss enterprise soa platform 5.1.0
    redhat jboss enterprise web platform 5.1.1
    hp network node manager i 9.0
    hp network node manager i 9.01
    hp network node manager i 9.02
    hp network node manager i 9.03
    hp network node manager i 9.10
    redhat jboss enterprise application platform 4.3
    hp network node manager i 9.0