{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2018-02-22T00:00:00", "datePublic": "2018-02-08T00:00:00", "descriptions": [{"lang": "en", "value": "A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-12T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://jolokia.org/#Security_fixes_with_1.5.0"}, {"name": "RHSA-2018:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2018-02-22", "ID": "CVE-2018-1000130", "REQUESTER": "mhopkins@gdssecurity.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://jolokia.org/#Security_fixes_with_1.5.0", "refsource": "CONFIRM", "url": "https://jolokia.org/#Security_fixes_with_1.5.0"}, {"name": "RHSA-2018:2669", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2669"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T12:33:49.337Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jolokia.org/#Security_fixes_with_1.5.0"}, {"name": "RHSA-2018:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-1000130", "datePublished": "2018-03-14T13:00:00", "dateReserved": "2018-03-14T00:00:00", "dateUpdated": "2024-08-05T12:33:49.337Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jolokia:webarchive_agent:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "D72882E2-6003-47AA-AD79-CC827A25A60F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n JNDI en la versi\u00f3n 1.3.7 del agente Jolokia, en el modo proxy, que permite que un atacante remoto ejecute c\u00f3digo Java arbitrario en el servidor."}], "id": "CVE-2018-1000130", "lastModified": "2024-11-21T03:39:44.780", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-14T13:29:00.300", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://jolokia.org/#Security_fixes_with_1.5.0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2669"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://jolokia.org/#Security_fixes_with_1.5.0"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:2669", "cpe": "cpe:/a:redhat:jboss_fuse:7", "package": "jolokia-core", "product_name": "Red Hat JBoss Fuse 7", "release_date": "2018-09-11T00:00:00Z"}], "bugzilla": {"description": "jolokia: JMX proxy mode vulnerable to remote code execution", "id": "1559316", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559316"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-99", "details": ["A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server."], "name": "CVE-2018-1000130", "package_state": [{"cpe": "cpe:/a:redhat:jboss_dev_studio:11.", "fix_state": "Not affected", "package_name": "jolokia-core", "product_name": "JBoss Developer Studio 11"}, {"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Affected", "package_name": "jolokia-core", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/a:redhat:openstack:7", "fix_state": "Not affected", "package_name": "opendaylight", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)"}, {"cpe": "cpe:/a:redhat:jboss_amq:6", "fix_state": "Will not fix", "package_name": "jolokia-core", "product_name": "Red Hat JBoss A-MQ 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Out of support scope", "package_name": "jolokia-client-java", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Will not fix", "package_name": "jolokia-core", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:fuse_integration_services:2", "fix_state": "Affected", "package_name": "jolokia-core", "product_name": "Red Hat JBoss Fuse Integration Service 2"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Will not fix", "impact": "low", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:11", "fix_state": "Not affected", "impact": "low", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 11 (Ocata)"}, {"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Will not fix", "impact": "low", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Will not fix", "impact": "low", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Not affected", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "impact": "low", "package_name": "opendaylight", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}], "public_date": "2018-02-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-1000130\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-1000130\nhttps://jolokia.org/#Security_fixes_with_1.5.0"], "statement": "For Red Hat OpenStack Platform, although the affected code is present in shipped packages, proxy mode is not enabled by default and the affected code is not used in any supported configuration of Red Hat OpenStack Platform.  For this reason, the RHOSP impact as been reduced to Low and this issue is not currently planned to be addressed in future updates.", "threat_severity": "Important"}