CVE-2016-8750 - OpenCVE

Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Apache	Karaf
Redhat	Jboss Amq Jboss Fuse

Configuration 1 [-]

cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat JBoss A-MQ 6.3
karaf	cpe:/a:redhat:jboss_amq:6.3	RHSA-2018:1322	2018-05-03T00:00:00Z
Red Hat JBoss Fuse 6.3
karaf	cpe:/a:redhat:jboss_fuse:6.3	RHSA-2018:1322	2018-05-03T00:00:00Z

References

Link	Providers
http://www.securityfocus.com/bid/103098
https://access.redhat.com/errata/RHSA-2018:1322
https://karaf.apache.org/security/cve-2016-8750.txt
https://nvd.nist.gov/vuln/detail/CVE-2016-8750
https://www.cve.org/CVERecord?id=CVE-2016-8750

History

No history.

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-02-19T15:00:00Z

Updated: 2024-09-17T00:36:15.735Z

Reserved: 2016-10-18T00:00:00

Link: CVE-2016-8750

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-02-19T15:29:00.207

Modified: 2019-04-26T13:16:27.353

Link: CVE-2016-8750

Redhat

Severity : Moderate

Publid Date: 2016-12-12T00:00:00Z

Links: CVE-2016-8750 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Apache Karaf", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "prior to 4.0.8"}]}], "datePublic": "2017-12-04T00:00:00", "descriptions": [{"lang": "en", "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."}], "problemTypes": [{"descriptions": [{"description": "Injection Attack", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-04T09:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "RHSA-2018:1322", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:1322"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://karaf.apache.org/security/cve-2016-8750.txt"}, {"name": "103098", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/103098"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-12-04T00:00:00", "ID": "CVE-2016-8750", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Karaf", "version": {"version_data": [{"version_value": "prior to 4.0.8"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Injection Attack"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:1322", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:1322"}, {"name": "https://karaf.apache.org/security/cve-2016-8750.txt", "refsource": "CONFIRM", "url": "https://karaf.apache.org/security/cve-2016-8750.txt"}, {"name": "103098", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103098"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:35:00.163Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:1322", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:1322"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://karaf.apache.org/security/cve-2016-8750.txt"}, {"name": "103098", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/103098"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2016-8750", "datePublished": "2018-02-19T15:00:00Z", "dateReserved": "2016-10-18T00:00:00", "dateUpdated": "2024-09-17T00:36:15.735Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:karaf:*:*:*:*:*:*:*:*", "matchCriteriaId": "990D05D0-F472-4516-9C4B-3E743BFB4956", "versionEndExcluding": "4.0.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service."}, {"lang": "es", "value": "Apache Karaf en versiones anteriores a la 4.0.8 utilizaba LDAPLoginModule para autenticar a los usuarios en un directorio mediante LDAP. Sin embargo, no cifraba los nombres de usuario correctamente y, por lo tanto, era vulnerable a ataques de inyecci\u00f3n LDAP, lo que conduc\u00eda a una denegaci\u00f3n de servicio (DoS)."}], "id": "CVE-2016-8750", "lastModified": "2019-04-26T13:16:27.353", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-19T15:29:00.207", "references": [{"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103098"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:1322"}, {"source": "security@apache.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://karaf.apache.org/security/cve-2016-8750.txt"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-90"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:1322", "cpe": "cpe:/a:redhat:jboss_amq:6.3", "package": "karaf", "product_name": "Red Hat JBoss A-MQ 6.3", "release_date": "2018-05-03T00:00:00Z"}, {"advisory": "RHSA-2018:1322", "cpe": "cpe:/a:redhat:jboss_fuse:6.3", "package": "karaf", "product_name": "Red Hat JBoss Fuse 6.3", "release_date": "2018-05-03T00:00:00Z"}], "bugzilla": {"description": "karaf: LDAP injection in LDAPLoginModule", "id": "1524432", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524432"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-90", "details": ["Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.", "Apache Karaf uses the LDAPLoginModule to authenticate users to a directory via LDAP. It does not, however, encode usernames properly and hence is vulnerable to LDAP injection attacks. While it appears that it is not possible to exploit this vulnerability to allow an attacker to gain remote access, it does allow an attacker to insert special characters into the search query step. Therefore, it can potentially be exploited as part of a Denial of Service attack."], "name": "CVE-2016-8750", "package_state": [{"cpe": "cpe:/a:redhat:jboss_amq:6", "fix_state": "Affected", "package_name": "karaf", "product_name": "Red Hat JBoss A-MQ 6"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Affected", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}], "public_date": "2016-12-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-8750\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-8750\nhttps://karaf.apache.org/security/cve-2016-8750.txt"], "threat_severity": "Moderate", "upstream_fix": "karaf 4.0.8"}