Vulnerability Name: CVE-2017-12624 (CCN-135095)

Assigned: 2017-08-07
Published: 2017-08-07
Updated: 2021-06-16
Summary: Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment header that could lead to a Denial of Service (DoS) attack on a CXF web service provider. Both JAX-WS and JAX-RS services are vulnerable to this attack. From Apache CXF 3.2.1 and 3.1.14, message attachment headers that are greater than 300 characters will be rejected by default. This value is configurable via the property "attachment-max-header-size".
CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Low
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
Vulnerability Type: CWE-noinfo
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2017-12624

Source: CCN
Type: Apache CXF Security Advisory
CVE-2017-12624: Apache CXF web services that process attachments are vulnerable to Denial of Service (DoS) attacks

Source: CONFIRM
Type: Issue Tracking, Vendor Advisory
http://cxf.apache.org/security-advisories.data/CVE-2017-12624.txt.asc

Source: CCN
Type: IBM Security Bulletin 0715641 (Cognos Business Intelligence)
IBM Cognos Business Intelligence Server 2018Q2 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 0716291 (TRIRIGA Application Platform)
Vulnerability in Apache CXF affects IBM TRIRIGA Application Platform (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 0719163 (Rational Reporting for Development Intelligence)
Multiple vulnerabilities in IBM Cognos Business Intelligence affect Rational Reporting for Development Intelligence

Source: CCN
Type: IBM Security Bulletin 0719165 (Rational Insight)
Multiple vulnerabilities in IBM Cognos Business Intelligence affect Rational Insight

Source: CCN
Type: IBM Security Bulletin 735065 (InfoSphere Master Data Management)
Security vulnerability in Apache affects IBM InfoSphere Master Data Management (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 735991 (Mobile Foundation)
Open Source Apache CXF Vulnerabilities

Source: CCN
Type: IBM Security Bulletin T1027368 (Spectrum LSF Explorer)
Open Source Apache CXF Vulnerabilities affects IBM Spectrum LSF Explorer

Source: CCN
Type: IBM Security Bulletin 2013336 (Tivoli Application Dependency Discovery Manager)
Open Source Apache CXF Vulnerablities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 2013597 (WebSphere Application Server)
Denial of Service in Apache CXF used by WebSphere Application Server (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 2014053 (Spectrum Control Standard Edition)
IBM Spectrum Control (formerly IBM Tivoli Storage Productivity Center) is affected by a vulnerability in Apache CXF (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 2014078 (Tivoli Network Manager IP Edition)
A security vulnerability has been identified in Apache CXF, which is shipped with IBM Tivoli Network Manager IP Edition (CVE-2017-12624).

Source: CCN
Type: IBM Security Bulletin 2015296 (Liberty for Java for Bluemix)
Denial of Service in Apache CXF used by Liberty for Java for IBM Cloud (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 2015297 (WebSphere Application Server in Cloud)
Information Disclosure in IBM HTTP Server and Denial of Service in Apache CXF used by IBM WebSphere Application Server for IBM Cloud (CVE-2017-12613, CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 2015467 (InfoSphere Information Server)
A vulnerability in Apache CXF affects IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 2016545 (Tivoli Netcool/Impact)
IBM Tivoli Netcool Impact is affected by a potential denial of service used by IBM WebSphere Application Server vulnerability (CVE-2017-12624)

Source: BID
Type: Third Party Advisory, VDB Entry
101859

Source: CCN
Type: BID-101859
Apache CXF CVE-2017-12624 Denial of Service Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1040486

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2423

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2424

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2425

Source: REDHAT
Type: UNKNOWN
RHSA-2018:2428

Source: XF
Type: UNKNOWN
apache-cxf-cve201712624-dos(135095)

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html

Source: CCN
Type: IBM Security Bulletin 715641 (Cognos Business Intelligence Server)
IBM Cognos Business Intelligence Server 2018Q2 Security Updater : IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 717121 (Cognos Controller)
IBM Cognos Controller 2018Q3 Security Updater: Multiple vulnerabilities have been identified in IBM Cognos Controller

Source: CCN
Type: IBM Security Bulletin 728087 (Monitoring)
A vulnerability in Apache CXF could affect IBM Performance Management products (CVE-2017-12624)

Source: CCN
Type: IBM Security Bulletin 738249 (Cognos Analytics)
Multiple Vulnerabilities in IBM Cognos Analytics

Source: CCN
Type: IBM Security Bulletin 6207901 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6413397 (Security Guardium)
IBM Security Guardium is affected by an "Apache CXF" jar vulnerability

Source: CCN
Type: IBM Security Bulletin 6828455 (z/Transaction Processing Facility)
z/Transaction Processing Facility is affected by multiple vulnerabilities in the jackson-databind, jackson-dataformat-xml, jackson-core, slf4j-ext, and cxf-core packages

Source: CCN
Type: IBM Security Bulletin 6831647 (Security Guardium)
IBM Security Guardium is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6854713 (Voice Gateway)
Multiple Vulnerabilities in Java and Node.js packages affect IBM Voice Gateway

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:apache:cxf:*:*:*:*:*:*:*:* (Version >= 3.2.0 and < 3.2.1)
  • OR cpe:/a:apache:cxf:*:*:*:*:*:*:*:* (Version >= 3.0.0 and < 3.0.16)
  • OR cpe:/a:apache:cxf:*:*:*:*:*:*:*:* (Version >= 3.1.0 and < 3.1.14)

Configuration CCN 1:
  • cpe:/a:apache:cxf:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:cxf:3.1.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:cxf:3.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_reporting:5.0:*:*:*:development_intelligence:*:*:*
  • OR cpe:/a:ibm:rational_reporting:5.0.1:*:*:*:development_intelligence:*:*:*
  • OR cpe:/a:ibm:rational_insight:1.1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_insight:1.1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_insight:1.1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_reporting:5.0.2:*:*:*:development_intelligence:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_insight:1.1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_analytics:11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_network_manager:4.2:*:ip:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_control:5.2.10:*:standard:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management:11.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:liberty:*:*:java:*:bluemix:*:*:*
  • OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tririga_application_platform:3.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence_server:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence_server:10.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence_server:10.2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence_server:10.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_business_intelligence:10.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cognos_controller:10.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mobile_foundation:8.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:10.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium:11.4:*:*:*:*:*:*:*
