Versio.io

CVE-2020-13954

Common vulnerabilities & exposures (CVE)

Published at: 12-11-2020 02:15
Last modified: 12-05-2022 04:47
Total changes: 15

Description

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to inject JavaScript into the web page. This vulnerability affects all versions of Apache CXF prior to 3.4.1 and 3.3.8. Please note that this is a separate issue from CVE-2019-17573.

Common Vulnerability Scoring System (CVSS)

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: None

Base score: 6.1
Exploitability score: 2.8
Impact score: 2.7

Verification logic

OR
  OR
    vendor=apache AND product=cxf AND versionStartIncluding=3.4.0 AND versionEndExcluding=3.4.1
    vendor=apache AND product=cxf AND versionEndExcluding=3.3.8
  OR
    vendor=netapp AND product=snap_creator_framework AND version=-
    vendor=netapp AND product=vasa_provider_for_clustered_data_ontap AND versionStartIncluding=9.6
  OR
    vendor=oracle AND product=retail_order_broker_cloud_service AND version=15.0
    vendor=oracle AND product=business_intelligence AND version=12.2.1.3.0 AND software_edition=enterprise
    vendor=oracle AND product=business_intelligence AND version=12.2.1.4.0 AND software_edition=enterprise
    vendor=oracle AND product=business_intelligence AND version=5.5.0.0.0 AND software_edition=enterprise
    vendor=oracle AND product=communications_messaging_server AND version=8.1
    vendor=oracle AND product=communications_messaging_server AND version=8.0.2
    vendor=oracle AND product=business_intelligence AND version=5.9.0.0.0 AND software_edition=enterprise
 
