Vulnerability Name: CVE-2018-8013 (CCN-143678)
Assigned: 2018-05-23
Published: 2018-05-23
Updated: 2020-10-20

Summary: In Apache Batik 1.x before 1.10, when deserializing a subclass of `AbstractDocument`, the class takes a string from the input stream as the class name and then uses it to call the no-arg constructor of that class. The fix was to check the class type before calling newInstance during deserialization.

CVSS v3 Severity:
  9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
  8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
  Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None
  Scope: Scope (S): Unchanged
  Impact Metrics: Confidentiality (C): High; Integrity (I): High; Availability (A): High

  5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
  4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics: Attack Vector (AV): Network; Attack Complexity (AC): Low; Privileges Required (PR): None; User Interaction (UI): None
  Scope: Scope (S): Unchanged
  Impact Metrics: Confidentiality (C): Low; Integrity (I): None; Availability (A): None

CVSS v2 Severity:
  7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): Partial; Integrity (I): Partial; Availability (A): Partial

  5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
  Exploitability Metrics: Access Vector (AV): Network; Access Complexity (AC): Low; Authentication (Au): None
  Impact Metrics: Confidentiality (C): Partial; Integrity (I): None; Availability (A): None
Vulnerability Type: CWE-502
Vulnerability Consequences: Obtain Information

References:
  Source: MITRE | Type: CNA | CVE-2018-8013
  Source: CCN | Type: BugTraq Mailing List, Wed, 23 May 2018 13:16:00 +0100 | [CVE-2018-8013] Apache Batik information disclosure vulnerability
  Source: CCN | Type: IBM Security Bulletin 744157 (Curam Social Program Management) | Vulnerability in Apache Batik affects IBM Curam Social Program Management (CVE-2018-8013)
  Source: CCN | Type: Oracle CPUApr2019 | Oracle Critical Patch Update Advisory - April 2019
  Source: CCN | Type: Oracle CPUJan2019 | Oracle Critical Patch Update Advisory - January 2019
  Source: CCN | Type: Oracle CPUJul2018 | Oracle Critical Patch Update Advisory - July 2018
  Source: CONFIRM | Type: Patch, Third Party Advisory | http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
  Source: CCN | Type: Oracle CPUJul2019 | Oracle Critical Patch Update Advisory - July 2019
  Source: CCN | Type: Oracle CPUOct2018 | Oracle Critical Patch Update Advisory - October 2018
  Source: CONFIRM | Type: Patch, Third Party Advisory | http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
  Source: BID | Type: Third Party Advisory, VDB Entry | 104252
  Source: CCN | Type: BID-104252 | Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
  Source: SECTRACK | Type: Third Party Advisory, VDB Entry | 1040995
  Source: XF | Type: UNKNOWN | apache-batik-cve20188013-info-disc(143678)
  Source: MLIST | Type: UNKNOWN | [xmlgraphics-commits] 20200615 svn commit: r1878851 - /xmlgraphics/site/trunk/content/security.mdtext
  Source: MLIST | Type: UNKNOWN | [xmlgraphics-commits] 20200615 svn commit: r1878850 - /xmlgraphics/site/trunk/content/security.mdtext
  Source: MLIST | Type: Mailing List, Third Party Advisory | [debian-lts-announce] 20180525 [SECURITY] [DLA 1385-1] batik security update
  Source: MLIST | Type: Mailing List, Third Party Advisory | [xmlgraphics-batik-dev] 20180523 [CVE-2018-8013] Apache Batik information disclosure vulnerability
  Source: UBUNTU | Type: Third Party Advisory | USN-3661-1
  Source: DEBIAN | Type: Third Party Advisory | DSA-4215
  Source: CCN | Type: IBM Security Bulletin 731435 (WebSphere Portal) | Security Vulnerability in Apache Batik Affects IBM WebSphere Portal (CVE-2018-8013)
  Source: CCN | Type: IBM Security Bulletin 6260901 (Installation Manager) | A vulnerability in an older version of a Batik plugin that is included in IBM Installation Manager and IBM Packaging Utility
  Source: CCN | Type: IBM Security Bulletin 6379742 (Maximo for Civil Infrastructure) | Older version of common Open Source: batik-dom-1.9.1.jar found in the MaximoForgeViewerPlugIn which is shipped with IBM Maximo for Civil Infrastructure
  Source: CCN | Type: IBM Security Bulletin 6382228 (Tivoli Netcool OMNIbus) | Multiple vulnerabilities in Apache Batik affect Tivoli Netcool/OMNIbus WebGUI (CVE-2017-5662, CVE-2018-8013, CVE-2015-0250, CVE-2019-17566)
  Source: CCN | Type: IBM Security Bulletin 6616277 (TRIRIGA Application Platform) | IBM TRIRIGA Application Platform discloses CVE-20215-0250
  Source: CCN | Type: IBM Security Bulletin 6852611 (Tivoli Network Manager) | Multiple Vulnerabilities discovered in libraries used by TCRtoolkit in ITNM
  Source: CCN | Type: IBM Security Bulletin 6987499 (Business Automation Workflow traditional) | Multiple vulnerabilities in DITA may affect IBM Business Automation Workflow and IBM Case Manager
  Source: CCN | Type: Oracle CPUJul2020 | Oracle Critical Patch Update Advisory - July 2020
  Source: MISC | Type: UNKNOWN | https://www.oracle.com/security-alerts/cpujul2020.html
  Source: CCN | Type: Oracle CPUOct2020 | Oracle Critical Patch Update Advisory - October 2020
  Source: MISC | Type: UNKNOWN | https://www.oracle.com/security-alerts/cpuoct2020.html
  Source: MISC | Type: Patch, Third Party Advisory | https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
  Source: CONFIRM | Type: Patch, Third Party Advisory | https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
  Source: MISC | Type: UNKNOWN | https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
  Source: CCN | Type: WhiteSource Vulnerability Database | CVE-2018-8013
  Source: CCN | Type: Apache Web site | The Apache Batik Project
  Source: CONFIRM | Type: Third Party Advisory | https://xmlgraphics.apache.org/security.html

Vulnerable Configuration:

Configuration 1:
  cpe:/a:apache:batik:*:*:*:*:*:*:*:* (Version >= 1.0 and < 1.10)

Configuration 2 (any of):
  cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3:
  cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 4 (any of):
  cpe:/a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
  cpe:/a:oracle:insurance_policy_administration_j2ee:10.0:*:*:*:*:*:*:*
  cpe:/a:oracle:insurance_policy_administration_j2ee:10.2:*:*:*:*:*:*:*
  cpe:/a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* (Version < 7.2)
  cpe:/a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* (Version < 8.3)
  cpe:/a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*
  cpe:/a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*
  cpe:/a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
  cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
  cpe:/a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
  cpe:/a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
  cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
  cpe:/a:oracle:communications_metasolv_solution:6.3.0:*:*:*:*:*:*:*
  cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_back_office:13.3:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_back_office:14:*:*:*:*:*:*:*
  cpe:/a:oracle:business_intelligence:11.1.1.9.0:*:*:*:enterprise:*:*:*
  cpe:/a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
  cpe:/a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* (Version >= 7.3.3.0.0 and <= 7.3.3.0.2)
  cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*
  cpe:/a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_integration_bus:17.0:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_point-of-service:13.4:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_back_office:13.4:*:*:*:*:*:*:*
  cpe:/a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  cpe:/a:oracle:business_intelligence:11.1.1.7.0:*:*:*:enterprise:*:*:*
  cpe:/a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*
  cpe:/a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* (Version >= 8.0.0.0.0 and <= 8.0.7.1.0)
  cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*

Configuration CCN 1:
  Any of:
    cpe:/a:apache:batik:1.0:*:*:*:*:*:*:*
    cpe:/a:apache:batik:1.7:*:*:*:*:*:*:*
    cpe:/a:apache:batik:1.9.1:*:*:*:*:*:*:*
  AND any of:
    cpe:/a:ibm:websphere_portal:7.0:*:*:*:*:*:*:*
    cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*
    cpe:/a:ibm:tririga_application_platform:2.7:*:*:*:*:*:*:*
    cpe:/a:ibm:curam_social_program_management:6.0.5:*:*:*:*:*:*:*
    cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
    cpe:/a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
    cpe:/a:ibm:curam_social_program_management:6.1.1:*:*:*:*:*:*:*
    cpe:/a:oracle:business_intelligence:11.1.1.7.0::~~enterprise~~~:*:*:*:*:*
    cpe:/a:oracle:business_intelligence:11.1.1.9.0::~~enterprise~~~:*:*:*:*:*
    cpe:/a:ibm:websphere_portal:9.0:*:*:*:*:*:*:*
    cpe:/a:ibm:curam_social_program_management:6.2.0:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_order_broker_cloud_service:16.0:*:*:*:*:*:*:*
    cpe:/a:ibm:curam_social_program_management:7.0.1:*:*:*:*:*:*:*
    cpe:/a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_back_office:13.3:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_back_office:13.4:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
    cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
    cpe:/a:oracle:enterprise_repository:11.1.1.7.0:*:*:*:*:*:*:*
    cpe:/a:oracle:enterprise_repository:12.1.3.0.0:*:*:*:*:*:*:*
    cpe:/a:oracle:financial_services_analytical_applications_infrastructure:7.3.3:*:*:*:*:*:*:*
    cpe:/a:oracle:business_intelligence:12.2.1.3.0::~~enterprise~~~:*:*:*:*:*
    cpe:/a:oracle:financial_services_analytical_applications_infrastructure:8.0:*:*:*:*:*:*:*
    cpe:/a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
    cpe:/a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
    cpe:/a:oracle:communications_metasolv_solution:6.3.0:*:*:*:*:*:*:*
    cpe:/a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
    cpe:/a:oracle:communications_diameter_signaling_router:8:*:*:*:*:*:*:*
    cpe:/a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
    cpe:/a:oracle:insurance_policy_administration_j2ee:10.0:*:*:*:*:*:*:*
    cpe:/a:oracle:insurance_policy_administration_j2ee:10.2:*:*:*:*:*:*:*
    cpe:/a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*
    cpe:/a:oracle:communications_application_session_controller:3.7.1:*:*:*:*:*:*:*
    cpe:/a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*
    cpe:/a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_point-of-service:13.4:*:*:*:*:*:*:*
    cpe:/a:oracle:business_intelligence:12.2.1.4.0::~~enterprise~~~:*:*:*:*:*
    cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*
    cpe:/a:oracle:retail_integration_bus:17.0:*:*:*:*:*:*:*
    cpe:/a:oracle:communications_application_session_controller:3.8.0:*:*:*:*:*:*:*
    cpe:/a:ibm:maximo_for_civil_infrastructure:7.6.2:*:*:*:*:*:*:*
    cpe:/a:ibm:business_automation_workflow:20.0.0.1:*:*:*:traditional:*:*:*
    cpe:/a:ibm:business_automation_workflow:20.0.0.2:*:*:*:traditional:*:*:*
    cpe:/a:ibm:business_automation_workflow:21.0.1:*:*:*:traditional:*:*:*
    cpe:/a:ibm:case_manager:5.3.3:*:*:*:*:*:*:*
    cpe:/a:ibm:business_automation_workflow:22.0.1:*:*:*:traditional:*:*:*
    cpe:/a:ibm:business_automation_workflow:21.0.3.1:*:*:*:traditional:*:*:*
    cpe:/a:ibm:business_automation_workflow:22.0.2:*:*:*:traditional:*:*:*

Affected Components (vendor, product, version):
apache batik *
debian debian linux 8.0
debian debian linux 9.0
debian debian linux 7.0
canonical ubuntu linux 14.04
oracle retail order broker 5.1
oracle retail order broker 5.2
oracle retail order broker 15.0
oracle insurance policy administration j2ee 10.0
oracle insurance policy administration j2ee 10.2
oracle communications webrtc session controller *
oracle communications diameter signaling router *
oracle insurance calculation engine 10.1.1
oracle insurance calculation engine 10.2.1
oracle enterprise repository 11.1.1.7.0
oracle enterprise repository 12.1.3.0.0
oracle retail order broker 16.0
oracle retail central office 14.1
oracle instantis enterprisetrack 17.1
oracle instantis enterprisetrack 17.2
oracle instantis enterprisetrack 17.3
oracle communications metasolv solution 6.3.0
oracle jd edwards enterpriseone tools 9.2
oracle retail returns management 14.1
oracle retail point-of-service 14.0
oracle retail back office 13.3
oracle retail back office 14
oracle business intelligence 11.1.1.9.0
oracle business intelligence 12.2.1.4.0
oracle financial services analytical applications infrastructure *
oracle fusion middleware mapviewer 12.2.1.2
oracle data integrator 12.2.1.3.0
oracle retail integration bus 17.0
oracle retail point-of-service 13.4
oracle retail point-of-service 14.1
oracle retail back office 13.4
oracle retail back office 14.1
oracle business intelligence 11.1.1.7.0
oracle business intelligence 12.2.1.3.0
oracle financial services analytical applications infrastructure *
oracle fusion middleware mapviewer 12.2.1.3
apache batik 1.0
apache batik 1.7
apache batik 1.9.1
ibm websphere portal 7.0
ibm websphere portal 8.0
ibm tririga application platform 2.7
ibm curam social program management 6.0.5
ibm websphere portal 8.5
oracle retail point-of-service 14.0
oracle retail point-of-service 14.1
oracle jd edwards enterpriseone tools 9.2
ibm curam social program management 6.1.1
oracle business intelligence 11.1.1.7.0
oracle business intelligence 11.1.1.9.0
ibm websphere portal 9.0
ibm curam social program management 6.2.0
oracle retail order broker cloud service 5.1
oracle retail order broker cloud service 5.2
oracle retail order broker cloud service 15.0
oracle retail order broker cloud service 16.0
ibm curam social program management 7.0.1
oracle communications webrtc session controller 7.1
oracle retail back office 13.3
oracle retail back office 13.4
oracle retail back office 14.0
oracle retail back office 14.1
oracle fusion middleware mapviewer 12.2.1.2
oracle retail returns management 14.1
oracle enterprise repository 11.1.1.7.0
oracle enterprise repository 12.1.3.0.0
oracle financial services analytical applications infrastructure 7.3.3
oracle business intelligence 12.2.1.3.0
oracle financial services analytical applications infrastructure 8.0
oracle instantis enterprisetrack 17.1
oracle instantis enterprisetrack 17.2
oracle communications metasolv solution 6.3.0
oracle webcenter sites 12.2.1.3.0
oracle communications diameter signaling router 8
oracle fusion middleware mapviewer 12.2.1.3
oracle retail central office 14.1
oracle insurance policy administration j2ee 10.0
oracle insurance policy administration j2ee 10.2
oracle instantis enterprisetrack 17.3
oracle communications application session controller 3.7.1
oracle insurance calculation engine 10.1.1
oracle insurance calculation engine 10.2.1
oracle retail point-of-service 13.4
oracle business intelligence 12.2.1.4.0
ibm tivoli netcool/omnibus 8.1.0
oracle retail integration bus 17.0
oracle communications application session controller 3.8.0
ibm maximo for civil infrastructure 7.6.2
ibm business automation workflow 20.0.0.1
ibm business automation workflow 20.0.0.2
ibm business automation workflow 21.0.1
ibm case manager 5.3.3
ibm business automation workflow 22.0.1
ibm business automation workflow 21.0.3.1
ibm business automation workflow 22.0.2