{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-28752", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2024-03-08T12:29:39.918Z", "datePublished": "2024-03-15T10:27:30.083Z", "dateUpdated": "2024-08-02T00:56:58.056Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "org.apache.cxf.aegis", "product": "Apache CXF", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "4.0.4, 3.6.3, 3.5.8", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Tobias S. Fink"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.<br><br>"}], "value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.\n\n"}], "metrics": [{"other": {"content": {"text": "important"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-03-15T10:27:30.083Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3"}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0001/"}], "source": {"discovery": "EXTERNAL"}, "title": "Apache CXF SSRF Vulnerability using the Aegis databinding", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-918", "lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "affected": [{"vendor": "netapp", "product": "oncommand_workflow_automation", "cpes": ["cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected"}]}, {"vendor": "apache", "product": "cxf", "cpes": ["cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "4.0.4", "versionType": "semver"}, {"version": "0", "status": "affected", "lessThan": "3.6.3", "versionType": "semver"}, {"version": "0", "status": "affected", "lessThan": "3.5.8", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-07-20T03:55:33.259328Z", "id": "CVE-2024-28752", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-22T13:59:26.146Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:56:58.056Z"}, "title": "CVE Program Container", "references": [{"tags": ["vendor-advisory", "x_transferred"], "url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0001/", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.3, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-28752", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-20T03:55:33.259328Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"], "vendor": "netapp", "product": "oncommand_workflow_automation", "versions": [{"status": "affected", "version": "0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "cxf", "versions": [{"status": "affected", "version": "0", "lessThan": "4.0.4", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "3.6.3", "versionType": "semver"}, {"status": "affected", "version": "0", "lessThan": "3.5.8", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-22T13:52:39.266Z"}}], "cna": {"title": "Apache CXF SSRF Vulnerability using the Aegis databinding", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Tobias S. Fink"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "important"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache CXF", "versions": [{"status": "affected", "version": "0", "lessThan": "4.0.4, 3.6.3, 3.5.8", "versionType": "semver"}], "packageName": "org.apache.cxf.aegis", "defaultStatus": "unaffected"}], "references": [{"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", "tags": ["vendor-advisory"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/03/14/3"}, {"url": "https://security.netapp.com/advisory/ntap-20240517-0001/"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.\n\n", "supportingMedia": [{"type": "text/html", "value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.<br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-03-15T10:27:30.083Z"}}}, "cveMetadata": {"cveId": "CVE-2024-28752", "state": "PUBLISHED", "dateUpdated": "2024-07-22T13:59:26.146Z", "dateReserved": "2024-03-08T12:29:39.918Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2024-03-15T10:27:30.083Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.\n\n"}, {"lang": "es", "value": "Una vulnerabilidad SSRF que utiliza Aegis DataBinding en versiones de Apache CXF anteriores a 4.0.4, 3.6.3 y 3.5.8 permite a un atacante realizar ataques de estilo SSRF en servicios web que toman al menos un par\u00e1metro de cualquier tipo. Los usuarios de otros enlaces de datos (incluido el enlace de datos predeterminado) no se ven afectados."}], "id": "CVE-2024-28752", "lastModified": "2024-08-01T13:49:17.413", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.8, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-15T11:15:09.220", "references": [{"source": "security@apache.org", "url": "http://www.openwall.com/lists/oss-security/2024/03/14/3"}, {"source": "security@apache.org", "url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"}, {"source": "security@apache.org", "url": "https://security.netapp.com/advisory/ntap-20240517-0001/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@apache.org", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-918"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3708", "cpe": "cpe:/a:redhat:apache_camel_spring_boot:3.20.6", "package": "cxf-core", "product_name": "Red Hat build of Apache Camel 3.20.6 for Spring Boot", "release_date": "2024-06-06T00:00:00Z"}, {"advisory": "RHSA-2024:3563", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", "package": "cxf-core", "product_name": "Red Hat JBoss Enterprise Application Platform 7", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-apache-cxf-0:3.5.8-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-hal-console-0:3.3.22-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-infinispan-0:11.0.19-2.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jboss-ejb-client-0:4.0.54-3.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-8.SP08_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jboss-metadata-0:13.5.0-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jboss-modules-0:1.12.3-3.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-jboss-server-migration-0:1.10.0-36.Final_redhat_00035.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-undertow-0:2.2.32-1.SP1_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-0:7.4.17-2.GA_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-discovery-0:1.2.4-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-elytron-0:1.15.23-2.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-http-client-0:1.1.17-1.Final_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wildfly-transaction-client-0:1.1.19-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-wss4j-0:2.4.3-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3560", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", "package": "eap7-xml-security-0:2.3.4-1.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-apache-cxf-0:3.5.8-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-hal-console-0:3.3.22-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-infinispan-0:11.0.19-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-ejb-client-0:4.0.54-3.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-8.SP08_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-metadata-0:13.5.0-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-modules-0:1.12.3-3.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-jboss-server-migration-0:1.10.0-36.Final_redhat_00035.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-undertow-0:2.2.32-1.SP1_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-0:7.4.17-2.GA_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-discovery-0:1.2.4-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-elytron-0:1.15.23-2.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-http-client-0:1.1.17-1.Final_redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wildfly-transaction-client-0:1.1.19-1.Final_redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-wss4j-0:2.4.3-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3561", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", "package": "eap7-xml-security-0:2.3.4-1.redhat_00002.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:3559", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", "package": "eap7-apache-cxf-0:3.5.8-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "release_date": "2024-06-03T00:00:00Z"}, {"advisory": "RHSA-2024:5482", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0", "package": "cxf-core", "product_name": "Red Hat JBoss Enterprise Application Platform 8", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5479", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5479", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8", "package": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5481", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-apache-cxf-0:4.0.4-1.redhat_00001.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5481", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9", "package": "eap8-apache-cxf-xjc-utils-0:4.0.0-5.redhat_00003.1.el9eap", "product_name": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:8339", "cpe": "cpe:/a:redhat:camel_k:1.10.8", "package": "cxf-core", "product_name": "RHINT Camel-K 1.10.8", "release_date": "2024-10-22T00:00:00Z"}], "bugzilla": {"description": "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", "id": "2270732", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270732"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-918", "details": ["A SSRF vulnerability using the Aegis DataBinding in versions of Apache CXF before 4.0.4, 3.6.3 and 3.5.8 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type. Users of other data bindings (including the default databinding) are not impacted.", "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted."], "mitigation": {"lang": "en:us", "value": "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available."}, "name": "CVE-2024-28752", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "com.amazon.opendistroforelasticsearch-opendistro_security", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:camel_quarkus:3", "fix_state": "Affected", "package_name": "cxf-core", "product_name": "Red Hat build of Apache Camel for Quarkus"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:3", "fix_state": "Affected", "package_name": "cxf-core", "product_name": "Red Hat build of Apache Camel for Spring Boot 3"}, {"cpe": "cpe:/a:redhat:camel_spring_boot:4", "fix_state": "Affected", "package_name": "cxf-core", "product_name": "Red Hat build of Apache Camel for Spring Boot 4"}, {"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Not affected", "package_name": "cxf-core", "product_name": "Red Hat Build of Keycloak"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:8", "fix_state": "Not affected", "package_name": "cxf-core", "product_name": "Red Hat Data Grid 8"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Affected", "package_name": "cxf-core", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:camel_quarkus:2", "fix_state": "Affected", "package_name": "cxf-core", "product_name": "Red Hat Integration Camel Quarkus"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Out of support scope", "package_name": "cxf-core", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "cxf-core", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "cxf-core", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Fix deferred", "impact": "low", "package_name": "cxf-core", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:amq_streams:1", "fix_state": "Not affected", "package_name": "cxf-core", "product_name": "streams for Apache Kafka"}], "public_date": "2024-03-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-28752\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-28752\nhttps://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt\nhttps://github.com/advisories/GHSA-qmgx-j96g-4428"], "statement": "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", "threat_severity": "Important", "upstream_fix": "cxf-core 3.5.8, cxf-core 3.6.3, cxf-core 4.0.4"}