CVE-2020-11971

Published: May 14, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.

Affected (8)

Products: Apache: Camel · Oracle: Communications Diameter Intelligence Hub, Communications Diameter Signaling Router, Enterprise Manager Base Platform, Flexcube Private Banking

1 product

4 products

Communications Diameter Intelligence Hub

Communications Diameter Signaling Router

Enterprise Manager Base Platform

Flexcube Private Banking

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apache Camel	From 2.22.0 to 3.1.0

Configuration B

7 vulnerable

Vulnerable Software	Affected Versions
Oracle Communications Diameter Intelligence Hub	From 8.0.0 to 8.1.0
Oracle Communications Diameter Intelligence Hub	From 8.2.0 to 8.2.3
Oracle Communications Diameter Signaling Router	From 8.0.0 to 8.2.2
Oracle Enterprise Manager Base Platform	Version 13.3.0.0
Oracle Enterprise Manager Base Platform	Version 13.4.0.0
Oracle Flexcube Private Banking	Version 12.0.0
Oracle Flexcube Private Banking	Version 12.1.0

References (30)

http://www.openwall.com/lists/oss-security/2020/05/14/7

Source: security@apache.org

Mailing ListPatchThird Party Advisory

https://camel.apache.org/security/CVE-2020-11971.html

Source: security@apache.org

PatchVendor Advisory

https://lists.apache.org/thread.html/r16f4f9019840bc923e25d1b029fb42fe2676c4ba36e54824749a8da9%40%3Ccommits.camel.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r3d0ae14ca224e69fb1c653f0a5d9e56370ee12d8896aa4490aeae14a%40%3Ccommits.camel.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r45da6abb42a9e6853ec8affdbf591f1db3e90c5288de9d3753124c79%40%3Cissues.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r7968b5086e861da2cf635a7b215e465ce9912d5f16c683b8e56819c4%40%3Ccommits.camel.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a%40%3Cissues.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r938dc2ded68039ab747f6d7a12153862495d4b38107d3ed111994386%40%3Cissues.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/rb0033c4e9dade1fdf22493314062364ff477e9a8b417f687dc168468%40%3Cissues.activemq.apache.org%3E

Source: security@apache.org

https://lists.apache.org/thread.html/rc907a3d385a9c62416d686608e7241c864be8ef2ac16a3bdb0e33649%40%3Cissues.activemq.apache.org%3E

Source: security@apache.org

https://www.oracle.com/security-alerts/cpuapr2022.html

Source: security@apache.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpujan2021.html

Source: security@apache.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: security@apache.org

Third Party Advisory

http://www.openwall.com/lists/oss-security/2020/05/14/7

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

https://camel.apache.org/security/CVE-2020-11971.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://lists.apache.org/thread.html/r16f4f9019840bc923e25d1b029fb42fe2676c4ba36e54824749a8da9%40%3Ccommits.camel.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r3d0ae14ca224e69fb1c653f0a5d9e56370ee12d8896aa4490aeae14a%40%3Ccommits.camel.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r45da6abb42a9e6853ec8affdbf591f1db3e90c5288de9d3753124c79%40%3Cissues.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r7968b5086e861da2cf635a7b215e465ce9912d5f16c683b8e56819c4%40%3Ccommits.camel.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a%40%3Cissues.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r938dc2ded68039ab747f6d7a12153862495d4b38107d3ed111994386%40%3Cissues.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/rb0033c4e9dade1fdf22493314062364ff477e9a8b417f687dc168468%40%3Cissues.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.apache.org/thread.html/rc907a3d385a9c62416d686608e7241c864be8ef2ac16a3bdb0e33649%40%3Cissues.activemq.apache.org%3E

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.oracle.com/security-alerts/cpuapr2022.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpujan2021.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.