CVE-2019-17573

CWE-79 — Cross-site Scripting (XSS)9 documents6 sources

Severity

6.1MEDIUM

EPSS

16.1%

top 5.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Software Foundation Apache CXF Apache CXF Oracle Commerce Guided Search +5 more

Timeline

PublishedJan 16

Latest updateApr 22

Description

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages11 packages

▶NVDapache/cxf3.3.0 — 3.3.5+1

▶Mavenorg.apache.cxf:cxf3.3.0 — 3.3.5+1

▶Mavenorg.apache.cxf:apache-cxf3.3.0 — 3.3.5+1

▶CVEListV5apache_software_foundation/apache_cxfunspecified — 3.4.1+1

▶CVEListV5apache/cxfAll versions of Apache CXF prior to 3.3.5 and 3.2.12.

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

Cross-site scripting in Apache CXF↗2021-04-22

▶

GHSA

Reflected Cross-Site Scripting in Apache CXF↗2020-06-10

▶

OSV

Reflected Cross-Site Scripting in Apache CXF↗2020-06-10

▶

CVEList

CVE-2019-17573: By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses↗2020-01-16

▶

📋Vendor Advisories

Red Hat

cxf: XSS via the styleSheetPath↗2020-11-12

▶

Red Hat

cxf: reflected XSS in the services listing page↗2020-01-16

▶

💬Community

Bugzilla

CVE-2019-17573 cxf: reflected XSS in the services listing page [fedora-30]↗2020-01-31

▶

Bugzilla

CVE-2019-17573 cxf: reflected XSS in the services listing page↗2020-01-31

▶