Vulnerability Name:

CVE-2017-5656 (CCN-125216)

Assigned:2017-04-18
Published:2017-04-18
Updated:2021-06-16
Summary:Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-384
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2017-5656

Source: CCN
Type: Apache Web site
Apache CXF -- Index

Source: CCN
Type: Apache Web site
Apache CXF's STSClient uses a flawed way of caching tokens that are associated with delegation tokens

Source: CONFIRM
Type: Patch, Vendor Advisory
http://cxf.apache.org/security-advisories.data/CVE-2017-5656.txt.asc?version=1&modificationDate=1492515113282&api=v2

Source: CCN
Type: IBM Security Bulletin 958165 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability

Source: CCN
Type: IBM Security Bulletin 2003397 (Tivoli Application Dependency Discovery Manager)
Open Source Apache CXF Vulnerablities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2016-6812, CVE-2016-8739)New CVEs added: CVE-2017-5653, CVE-2017-5656

Source: CCN
Type: IBM Security Bulletin 2005158 (TRIRIGA Application Platform)
IBM TRIRIGA Application Platform Apache CXF Vulnerability (CVE-2017-5656)

Source: BID
Type: Third Party Advisory, VDB Entry
97971

Source: CCN
Type: BID-97971
Apache CXF CVE-2017-5656 Information Disclosure Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1038282

Source: REDHAT
Type: Issue Tracking
RHSA-2017:1832

Source: REDHAT
Type: Issue Tracking
RHSA-2018:1694

Source: XF
Type: UNKNOWN
apache-cxf-cve20175656-sec-bypass(125216)

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html

Source: MLIST
Type: UNKNOWN
[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html

Source: CCN
Type: IBM Security Bulletin 2011984 (InfoSphere Master Data Management Server)
Mulitiple security vulnerabilities in Apache CXF affects IBM InfoSphere Master Data Management (CVE-2016-6812 CVE-2016-8739 CVE-2017-5653 CVE-2017-5656 CVE-2017-3156)

Source: CCN
Type: IBM Security Bulletin 6207901 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:cxf:*:*:*:*:*:*:*:* (Version >= 3.1.0 and < 3.1.11)
  • OR cpe:/a:apache:cxf:*:*:*:*:*:*:*:* (Version >= 3.0.0 and < 3.0.13)

    • Configuration CCN 1:
  • cpe:/a:apache:cxf:3.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:cxf:3.0.12:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:tririga_application_platform:3.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tririga_application_platform:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tririga_application_platform:3.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tririga_application_platform:3.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:11.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:11.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_master_data_management_server:11.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apache cxf *
    apache cxf *
    apache cxf 3.1.10
    apache cxf 3.0.12
    ibm tririga application platform 3.3.1
    ibm infosphere master data management server 10.1
    ibm tivoli application dependency discovery manager 7.3
    ibm security identity governance and intelligence 5.2
    ibm tririga application platform 3.5
    ibm security identity governance and intelligence 5.2.1
    ibm tririga application platform 3.5.1
    ibm tririga application platform 3.5.2
    ibm infosphere master data management server 11.0
    ibm infosphere master data management server 11.3
    ibm infosphere master data management server 11.4
    ibm infosphere master data management server 11.5
    ibm infosphere master data management server 11.6
    ibm security identity governance and intelligence 5.2.2
    ibm security identity governance and intelligence 5.2.2.1
    ibm security identity governance and intelligence 5.2.3
    ibm security identity governance and intelligence 5.2.3.1
    ibm security identity governance and intelligence 5.2.3.2
    ibm security identity governance and intelligence 5.2.4
    ibm security identity governance and intelligence 5.2.4.1
    ibm security identity governance and intelligence 5.2.5.0
    ibm security identity governance and intelligence 5.2.6