CVE-2016-0956: Exposure of Sensitive Information to an Unauthorized Actor in Apache Sling Servlets Post
7.5
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.93814%
CWE
Published
5/14/2022
Updated
1/27/2023
KEV Status
No
Technology
Java
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
org.apache.sling:org.apache.sling.servlets.post | maven | <= 2.3.6 | 2.3.8 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper error handling in POST request processing for delete operations. Key functions identified:
- SlingPostServlet.handleOperation - Directly processes the vulnerable :operation parameter
- SlingPostServlet.handleDelete - Implements the specific vulnerable delete logic
- AbstractPostOperation.run - Base class where operation execution and session commits occur Exploit analysis shows these functions would appear in stack traces when processing malicious delete requests with :applyTo parameters, as they handle the operation dispatch, path resolution, and session management that leads to information disclosure through uncaught exceptions.