CVE-2014-3577

Description

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
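The defect class behind this advisory, as an added illustration that is not Apache HttpClient's own code: a Common Name extractor that splits the printed subject DN on commas, beside an RFC 4514 RDN-aware parse that honours escaping and quoting. The subject DN and the `holder.example` name are constructed for the example.

```python
# Added example (not HttpClient's code): naive comma-split CN extraction
# next to an RFC 4514 RDN-aware parse, run on a DN whose O value carries
# the "foo,CN=www.apache.org" string from the advisory.

def naive_cns(subject_dn):
    """Vulnerable pattern: split on ',' and keep tokens starting with 'CN='.
    An escaped or quoted comma inside another attribute value (the O field
    in the advisory's example) yields a forged CN token."""
    cns = []
    for tok in subject_dn.split(","):
        tok = tok.strip()
        if tok[:3].upper() == "CN=":
            cns.append(tok[3:])
    return cns


def parse_rdns(subject_dn):
    """Minimal RFC 4514 parser: split only on unescaped, unquoted commas.
    Returns (TYPE, value) pairs; multi-valued RDNs ('+') are not handled."""
    rdns, buf, quoted, i = [], [], False, 0
    while i < len(subject_dn):
        c = subject_dn[i]
        if c == "\\" and i + 1 < len(subject_dn):   # backslash escape
            buf.append(subject_dn[i + 1])
            i += 2
            continue
        if c == '"':                                # quoted-value delimiter
            quoted = not quoted
        elif c == "," and not quoted:               # real RDN separator
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(c)
        i += 1
    rdns.append("".join(buf))
    pairs = []
    for rdn in rdns:
        attr_type, _, value = rdn.partition("=")
        pairs.append((attr_type.strip().upper(), value.strip()))
    return pairs


def rdn_cns(subject_dn):
    """Hardened pattern: only attributes whose *type* is CN count."""
    return [v for t, v in parse_rdns(subject_dn) if t == "CN"]


# Constructed subject DN in RFC 4514 form: the O value embeds the string
# from the advisory; the genuine CN is a placeholder the holder controls.
SUBJECT_DN = r"O=foo\,CN=www.apache.org,CN=holder.example"
```

With `SUBJECT_DN`, `naive_cns` returns both `www.apache.org` and `holder.example`, so an exact-match hostname check against `www.apache.org` passes; `rdn_cns` returns only `holder.example`.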

References

http://seclists.org/fulldisclosure/2014/Aug/48

http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html

http://secunia.com/advisories/60713

http://secunia.com/advisories/60589

https://access.redhat.com/solutions/1165533

http://rhn.redhat.com/errata/RHSA-2014-1146.html

http://rhn.redhat.com/errata/RHSA-2014-1166.html

http://rhn.redhat.com/errata/RHSA-2014-1892.html

http://rhn.redhat.com/errata/RHSA-2014-1891.html

http://rhn.redhat.com/errata/RHSA-2014-1836.html

http://rhn.redhat.com/errata/RHSA-2014-1835.html

http://rhn.redhat.com/errata/RHSA-2014-1834.html

http://rhn.redhat.com/errata/RHSA-2014-1833.html

http://rhn.redhat.com/errata/RHSA-2015-0158.html

http://rhn.redhat.com/errata/RHSA-2015-0125.html

http://rhn.redhat.com/errata/RHSA-2015-0675.html

http://rhn.redhat.com/errata/RHSA-2015-0720.html

http://rhn.redhat.com/errata/RHSA-2015-0765.html

http://rhn.redhat.com/errata/RHSA-2015-0851.html

http://rhn.redhat.com/errata/RHSA-2015-0850.html

http://rhn.redhat.com/errata/RHSA-2015-1177.html

http://rhn.redhat.com/errata/RHSA-2015-1176.html

http://www.ubuntu.com/usn/USN-2769-1

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564

http://www.securityfocus.com/bid/69258

http://www.securitytracker.com/id/1030812

http://www.osvdb.org/110143

http://secunia.com/advisories/60466

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782

https://exchange.xforce.ibmcloud.com/vulnerabilities/95327

http://rhn.redhat.com/errata/RHSA-2016-1931.html

http://rhn.redhat.com/errata/RHSA-2016-1773.html

http://rhn.redhat.com/errata/RHSA-2015-1888.html

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cissues.drill.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.cxf.apache.org%3E

http://www.openwall.com/lists/oss-security/2021/10/06/1

Details

Source: MITRE

Published: 2014-08-21

Updated: 2021-10-07

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:* versions from 4.0 to 4.3.4 (inclusive)

Configuration 2

OR

cpe:2.3:a:apache:httpasyncclient:*:*:*:*:*:*:*:* versions from 4.0 to 4.0.1 (inclusive)

Tenable Plugins

ID | Name | Product | Family | Severity
--- | --- | --- | --- | ---
155661 | Jenkins Enterprise and Operations Center < 2.249.33.0.1 / 2.277.42.0.1 / 2.303.2.5 Multiple Vulnerabilities (CloudBees Security Advisory 2021-10-06) | Nessus | CGI abuses | medium
154055 | Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities | Nessus | CGI abuses | medium
153949 | FreeBSD : jenkins -- Jenkins core bundles vulnerable version of the commons-httpclient library (9bad457e-b396-4452-8773-15bec67e1ceb) | Nessus | FreeBSD Local Security Checks | medium
153924 | Jenkins Git Plugin < 4.8.3 / Jenkins LTS < 2.303.2 / Jenkins weekly < 2.315 Multiple Vulnerabilities (Deprecated) | Nessus | CGI abuses | medium
149787 | IBM WebSphere Application Server 8.0.x <= 8.0.0.15 / 8.5.x < 8.5.5.20 / 9.0.x < 9.0.5.8 Multiple Vulnerabilities | Nessus | Web Servers | high
142638 | openSUSE Security Update : apache-commons-httpclient (openSUSE-2020-1875) | Nessus | SuSE Local Security Checks | medium
142629 | openSUSE Security Update : apache-commons-httpclient (openSUSE-2020-1873) | Nessus | SuSE Local Security Checks | medium
140702 | Photon OS 3.0: Commons PHSA-2020-3.0-0141 | Nessus | PhotonOS Local Security Checks | medium
119378 | RHEL 6 : Red Hat OpenShift Enterprise 2.2.10 (RHSA-2016:1773) | Nessus | Red Hat Local Security Checks | critical
94419 | FreeBSD : Axis2 -- Security vulnerabilities on dependency Apache HttpClient (ac18046c-9b08-11e6-8011-005056925db4) | Nessus | FreeBSD Local Security Checks | medium
86401 | Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : commons-httpclient vulnerabilities (USN-2769-1) | Nessus | Ubuntu Local Security Checks | medium
85712 | RHEL 6 : Virtualization Manager (RHSA-2015:0158) | Nessus | Red Hat Local Security Checks | medium
83545 | Debian DLA-222-1 : commons-httpclient security update | Nessus | Debian Local Security Checks | medium
82850 | IBM WebSphere Portal 8.0.0.x < 8.0.0.1 CF15 Multiple Vulnerabilities | Nessus | CGI abuses | medium
80159 | RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2014:2019) | Nessus | Red Hat Local Security Checks | medium
79205 | RHEL 5 / 6 : JBoss EAP (RHSA-2014:1834) | Nessus | Red Hat Local Security Checks | medium
79204 | RHEL 5 / 6 : JBoss EWP (RHSA-2014:1833) | Nessus | Red Hat Local Security Checks | medium
78353 | Amazon Linux AMI : jakarta-commons-httpclient (ALAS-2014-410) | Nessus | Amazon Linux Local Security Checks | medium
78008 | RHEL 4 / 5 / 6 : JBoss EAP (RHSA-2014:1321) | Nessus | Red Hat Local Security Checks | medium
78007 | RHEL 4 / 5 / 6 : JBoss EWP (RHSA-2014:1320) | Nessus | Red Hat Local Security Checks | medium
77567 | RHEL 5 / 6 / 7 : jakarta-commons-httpclient (RHSA-2014:1166) | Nessus | Red Hat Local Security Checks | medium
77566 | Oracle Linux 5 / 6 / 7 : jakarta-commons-httpclient (ELSA-2014-1166) | Nessus | Oracle Linux Local Security Checks | medium
77564 | CentOS 5 / 6 / 7 : jakarta-commons-httpclient (CESA-2014:1166) | Nessus | CentOS Local Security Checks | medium
77561 | RHEL 5 / 6 / 7 : JBoss EAP (RHSA-2014:1162) | Nessus | Red Hat Local Security Checks | medium
77521 | RHEL 7 : httpcomponents-client (RHSA-2014:1146) | Nessus | Red Hat Local Security Checks | medium
77515 | Oracle Linux 7 : httpcomponents-client (ELSA-2014-1146) | Nessus | Oracle Linux Local Security Checks | medium
77507 | CentOS 7 : httpcomponents-client (CESA-2014:1146) | Nessus | CentOS Local Security Checks | medium
77445 | Fedora 19 : httpcomponents-client-4.2.5-4.fc19 (2014-9629) | Nessus | Fedora Local Security Checks | medium
77444 | Fedora 20 : httpcomponents-client-4.2.5-4.fc20 (2014-9617) | Nessus | Fedora Local Security Checks | medium
77399 | Fedora 20 : jakarta-commons-httpclient-3.1-15.fc20 (2014-9581) | Nessus | Fedora Local Security Checks | medium
77396 | Fedora 19 : jakarta-commons-httpclient-3.1-15.fc19 (2014-9539) | Nessus | Fedora Local Security Checks | medium