CVE-2024-29736

CWE-918 — Server-Side Request Forgery (SSRF)6 documents6 sources

Severity

9.1CRITICAL

EPSS

0.4%

top 42.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Software Foundation Apache CXF Apache CXF

Timeline

PublishedJul 19

Latest updateOct 15

Description

A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

▶Mavenorg.apache.cxf:cxf-rt-rs-service-description4.0.0 — 4.0.5+2

▶NVDapache/cxf3.6.0 — 3.6.4+2

▶CVEListV5apache_software_foundation/apache_cxf< 3.5.9, 3.6.4, 4.0.5

🔴Vulnerability Details

GHSA

Apache CXF: SSRF vulnerability via WADL stylesheet parameter↗2024-07-19

▶

OSV

Apache CXF: SSRF vulnerability via WADL stylesheet parameter↗2024-07-19

▶

CVEList

Apache CXF: SSRF vulnerability via WADL stylesheet parameter↗2024-07-19

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Signaling (Apache CXF) — CVE-2024-29736↗2024-10-15

▶

Red Hat

apache: cxf: org.apache.cxf:cxf-rt-rs-service-description: SSRF via WADL stylesheet parameter↗2024-07-19

▶