Vulnerability Details : CVE-2010-2076
Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.
Vulnerability category: File inclusionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-2076
Probability of exploitation activity in the next 30 days: 1.63%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 87 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2076
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2010-2076
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
The product imports, requires, or includes executable functionality (such as a library) from a source that is outside of the intended control sphere.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-2076
-
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html-Apache Mail ArchivesMailing List;Patch
-
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html-Apache Mail ArchivesMailing List;Patch
-
http://www.securityfocus.com/bid/42492
Apache CXF XML DTD Processing Security VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
Apache Geronimo : Apache Geronimo v2.1.6 - ReleasedVendor Advisory
-
http://www.listware.net/201006/cxf-users/60160-important-apache-cxf-security-advisory-cve-2010-2076.html
404 Not FoundBroken Link
-
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html-Apache Mail ArchivesMailing List;Patch
-
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html-Apache Mail ArchivesMailing List;Patch
-
https://issues.apache.org/jira/browse/GERONIMO-5383
[GERONIMO-5383] CVE-2010-1632 and CVE-2010-2076: Axis2 and CXF HTTP binding enables DTD based XML attacks. - ASF JIRAThird Party Advisory
-
http://secunia.com/advisories/40969
Sign inBroken Link;Vendor Advisory
-
https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.htmMailing List;Patch
-
http://secunia.com/advisories/41016
Sign inBroken Link;Vendor Advisory
-
http://geronimo.apache.org/22x-security-report.html
Apache Geronimo : 2.2.x Security ReportRelease Notes;Vendor Advisory
-
http://geronimo.apache.org/21x-security-report.html
Apache Geronimo : 2.1.x Security ReportRelease Notes;Vendor Advisory
-
http://svn.apache.org/repos/asf/cxf/trunk/security/CVE-2010-2076.pdf
Exploit;Vendor Advisory
-
http://secunia.com/advisories/41025
Sign inBroken Link;Vendor Advisory
-
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html-Apache Mail ArchivesMailing List;Patch
Products affected by CVE-2010-2076
- cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cxf:*:*:*:*:*:*:*:*