Vulnerability CVE-2021-28657

Vulnerability Name:

CVE-2021-28657 (CCN-199112)

Assigned:

2021-03-30

Published:

2021-03-30

Updated:

2022-05-10

Summary:

A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-835

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2021-28657

Source: XF
Type: UNKNOWN
apache-cve202128657-dos(199112)

Source: MLIST
Type: Mailing List, Third Party Advisory
[james-notifications] 20210501 [GitHub] [james-project] chibenwa opened a new pull request #414: [UPGRADE] Adopt Apache Tika 1.26

Source: MISC
Type: Mailing List, Vendor Advisory
https://lists.apache.org/thread.html/r915add4aa52c60d1b5cf085039cfa73a98d7fae9673374dfd7744b5a%40%3Cdev.tika.apache.org%3E

Source: CCN
Type: oss-sec Mailing List, Tue, 30 Mar 2021 08:19:51 -0400
CVE-2021-28657: Infinite loop in Apache Tika's MP3 parser

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210507-0004/

Source: CCN
Type: Apache Web site
Apache Tika

Source: CCN
Type: IBM Security Bulletin 6464817 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache Tika

Source: CCN
Type: IBM Security Bulletin 6474843 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to Using Components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6524700 (Planning Analytics Workspace)
IBM Planning Analytics Workspace is affected by security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6836829 (Log Analysis)
IBM Operations Analytics - Log Analysis susceptible to multiple vulnerabilities in Apache Tika (CVE-2020-9489, CVE-2022-25169, CVE-2021-28657)

Source: CCN
Type: Oracle CPUApr2022
Oracle Critical Patch Update Advisory - April 2022

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-28657

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tika:*:*:*:*:*:*:*:* (Version <= 1.25)

Configuration 2:

cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

OR cpe:/a:oracle:primavera_unifier:*:*:*:*:*:*:*:* (Version >= 17.7 and <= 17.12)

OR cpe:/a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*

OR cpe:/a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*

OR cpe:/o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*

OR cpe:/a:oracle:healthcare_foundation:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:healthcare_foundation:8.1.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tika:1.25:*:*:*:*:*:*:*

AND

cpe:/a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*

OR cpe:/a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:log_analysis:1.3.5.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:log_analysis:1.3.6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:log_analysis:1.3.6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.0:-:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:p8:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:91690	P	Security update for SUSE Manager Server 4.0 (Moderate)	2021-06-21
oval:org.opensuse.security:def:95980	P	Security update for SUSE Manager Server 4.1 (Moderate)	2021-06-21

BACK