Vulnerability Name:

CVE-2020-10693 (CCN-182240)

Assigned:2020-02-20
Published:2020-02-20
Updated:2022-05-10
Summary:A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-20
Vulnerability Consequences:Bypass Security
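The Summary above describes the flaw class in one sentence: Hibernate Validator's message interpolator treats text inside a constraint message template as Expression Language, so an application that builds a template from user-controlled data hands that data to an expression evaluator, and the escaping or stripping a developer added in front of it is what the affected versions let an attacker get past. The page does not detail the bypass itself, so the example below shows the underlying hazard and the two controls that remove it. It is added here for illustration and is not code from the advisory, from the Hibernate project, or from any vendor listed on this page. It assumes hibernate-validator 6.x with the javax.validation API and an EL implementation such as org.glassfish:jakarta.el on the classpath; every class and annotation name in it (UsernameMessageDemo, UnsafeUsername, SafeUsername, Account) is this example's own invention.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import javax.validation.Constraint;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import javax.validation.ConstraintViolation;
import javax.validation.Payload;
import javax.validation.Validation;
import javax.validation.Validator;

import org.hibernate.validator.constraintvalidation.HibernateConstraintValidatorContext;
import org.hibernate.validator.messageinterpolation.ParameterMessageInterpolator;

// Added example (not from the advisory or from Hibernate). Assumes hibernate-validator 6.x
// plus an EL implementation (e.g. org.glassfish:jakarta.el) on the classpath. All names
// below are hypothetical and belong to this example only.
public class UsernameMessageDemo {

    private static boolean looksValid(String s) {
        return s != null && s.matches("[a-z][a-z0-9_]{2,15}");
    }

    // Unsafe pattern: the rejected value is spliced into the message template itself.
    @Constraint(validatedBy = UnsafeUsernameValidator.class)
    @Target(ElementType.FIELD) @Retention(RetentionPolicy.RUNTIME)
    public @interface UnsafeUsername {
        String message() default "";
        Class<?>[] groups() default {};
        Class<? extends Payload>[] payload() default {};
    }

    public static class UnsafeUsernameValidator implements ConstraintValidator<UnsafeUsername, String> {
        @Override
        public boolean isValid(String value, ConstraintValidatorContext ctx) {
            if (looksValid(value)) {
                return true;
            }
            ctx.disableDefaultConstraintViolation();
            // The template now contains attacker-controlled text; an EL-capable
            // interpolator treats any ${...} or #{...} inside it as an expression.
            ctx.buildConstraintViolationWithTemplate("'" + value + "' is not a valid username")
                    .addConstraintViolation();
            return false;
        }
    }

    // Safer pattern: the template is a constant; the value travels as a message parameter.
    @Constraint(validatedBy = SafeUsernameValidator.class)
    @Target(ElementType.FIELD) @Retention(RetentionPolicy.RUNTIME)
    public @interface SafeUsername {
        String message() default "";
        Class<?>[] groups() default {};
        Class<? extends Payload>[] payload() default {};
    }

    public static class SafeUsernameValidator implements ConstraintValidator<SafeUsername, String> {
        @Override
        public boolean isValid(String value, ConstraintValidatorContext ctx) {
            if (looksValid(value)) {
                return true;
            }
            HibernateConstraintValidatorContext hctx = ctx.unwrap(HibernateConstraintValidatorContext.class);
            hctx.disableDefaultConstraintViolation();
            hctx.addMessageParameter("rejected", value)
                    .buildConstraintViolationWithTemplate("'{rejected}' is not a valid username")
                    .addConstraintViolation();
            return false;
        }
    }

    public static class Account {
        @UnsafeUsername @SafeUsername
        private final String username;

        Account(String username) {
            this.username = username;
        }
    }

    private static void report(String label, Validator validator, Account account) {
        System.out.println(label);
        for (ConstraintViolation<Account> v : validator.validate(account)) {
            System.out.printf("  %-15s -> %s%n",
                    v.getConstraintDescriptor().getAnnotation().annotationType().getSimpleName(),
                    v.getMessage());
        }
    }

    public static void main(String[] args) {
        // Constructed input: an EL expression where a username is expected.
        Account account = new Account("${3*7}");

        // Default factory: ResourceBundleMessageInterpolator, which evaluates EL in templates.
        report("default interpolator", Validation.buildDefaultValidatorFactory().getValidator(), account);

        // Hardened factory: ParameterMessageInterpolator only expands {param} terms and
        // never runs EL, so no template, however it was built, can evaluate expressions.
        Validator noEl = Validation.byDefaultProvider().configure()
                .messageInterpolator(new ParameterMessageInterpolator())
                .buildValidatorFactory()
                .getValidator();
        report("ParameterMessageInterpolator", noEl, account);
    }
}
```

With the default factory, the UnsafeUsername line shows the expression already evaluated ("'21' is not a valid username"), which is the behaviour an attacker is after; with ParameterMessageInterpolator both lines print the input literally. Two caveats for anyone applying this: message parameters are substituted into the message before the EL pass runs, so on an EL-enabled interpolator the constant template alone is not a sufficient control and should be paired with EL being disabled; and ParameterMessageInterpolator also stops EL in the built-in messages (those that use ${validatedValue}-style terms), so check the messages your application relies on. The actual remediation for this CVE is upgrading to a release outside the affected ranges listed under Vulnerable Configuration (6.0.20.Final or 6.1.5.Final and later; the PLUTO-791 thread referenced below moved to 6.0.20.Final); the interpolator change is defence in depth.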
References:Source: MITRE
Type: CNA
CVE-2020-10693

Source: CCN
Type: Red Hat Bugzilla – Bug 1805501
(CVE-2020-10693) - CVE-2020-10693 hibernate-validator: Improper input validation in the interpolation of constraint error messages

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693

Source: XF
Type: UNKNOWN
hibernate-cve202010693-sec-bypass(182240)

Source: CCN
Type: Hibernate Web site
Hibernate Validator

Source: MLIST
Type: Mailing List, Patch, Third Party Advisory
[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219

Source: MLIST
Type: Mailing List, Third Party Advisory
[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219

Source: MLIST
Type: Mailing List, Third Party Advisory
[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219

Source: CCN
Type: IBM Security Bulletin 6348216 (WebSphere Application Server Liberty)
Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6365001 (PowerVM NovaLink)
Novalink is impacted by Vulnerability in Hibernate Validator affects WebSphere Application Server Liberty (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6373662 (Voice Gateway)
Multiple Security Vulnerabilities in IBM WebSphere Application Server affects IBM Voice Gateway

Source: CCN
Type: IBM Security Bulletin 6380400 (Liberty for Java)
Vulnerability in Hibernate Validator affects Liberty for Java for IBM Cloud (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6381340 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6382238 (WebSphere Application Server in Cloud)
Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 6382878 (Cloud Pak for Automation)
Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Source: CCN
Type: IBM Security Bulletin 6403259 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to a security vulnerability (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6404738 (Control Center)
Websphere Hibernate Validator Vulnerability Affects IBM Control Center (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6409880 (Z Development & Test Environment)
Vulnerability in WebSphere Application Server Liberty affects IBM Z Development and Test Environment - Jan 2021

Source: CCN
Type: IBM Security Bulletin 6410788 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6435269 (Rational Asset Analyzer)
Rational Asset Analyzer is affected by a vulnerability in WebSphere Application Server Liberty (CVE-2020-10693)

Source: CCN
Type: IBM Security Bulletin 6454173 (Sterling B2B Integrator)
Multiple Security Vulnerabilities in IBM WebSphere Application Server Affect IBM Sterling B2B Integrator

Source: CCN
Type: IBM Security Bulletin 6601111 (Tivoli Network Manager)
Due to use of Hibernate Validator version 6.1.2.Final IBM Tivoli Network Manager is vulnerable which allows attackers to bypass input sanitation (escaping, stripping) controls (CVE-2020-10693, CVE-2019-10219).

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:redhat:hibernate_validator:7.0.0:alpha1:*:*:*:*:*:*
  • OR cpe:/a:redhat:hibernate_validator:*:*:*:*:*:*:*:* (Version >= 6.1.2 and < 6.1.5)
  • OR cpe:/a:redhat:hibernate_validator:*:*:*:*:*:*:*:* (Version >= 5.0.0 and < 6.0.20)

  • Configuration 2:
  • cpe:/a:ibm:websphere_application_server:*:*:*:*:liberty:*:*:* (Version >= 17.0.0.3 and <= 20.0.0.10)

  • Configuration 3:
  • cpe:/a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:7.3.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/a:redhat:satellite_capsule:6.8:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:satellite:6.8:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/a:quarkus:quarkus:*:*:*:*:*:*:*:* (Version <= 1.4.2)

  • Configuration 6:
  • cpe:/a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:ibm:rational_asset_analyzer:6.1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:5.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:17.0.0.3:*:*:*:liberty:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:control_center:6.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:control_center:6.1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_application_server:20.0.0.10:*:*:*:liberty:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
