
CVE-2020-13931: Remote code execution in Apache TomEE

CVSS Score: 9.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.79334%
Published: 2/9/2022
Updated: 2/1/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name                  | Ecosystem | Vulnerable Versions | First Patched Version
org.apache.tomee:apache-tomee | maven     | >= 8.0.0, < 8.0.4   | 8.0.4
org.apache.tomee:apache-tomee | maven     | >= 7.1.0, < 7.1.4   | 7.1.4
org.apache.tomee:apache-tomee | maven     | < 7.0.9             | 7.0.9

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability centers on insecure JMX exposure in TomEE's ActiveMQ integration. Exact patch details are unavailable, but analysis of the vulnerability pattern suggests two likely locations: 1) the ActiveMQ resource adapter's start method, which would be responsible for service initialization; 2) the BrokerService methods that create the JMX connector. These functions would appear in stack traces when the JMX server is initialized without authentication. The medium confidence reflects the lack of direct patch access, but the analysis aligns with the standard ActiveMQ/TomEE JMX implementation patterns described in the advisory.


WAF Protection Rules

WAF Rule

If Apache TomEE *.*.*-M* - *.*.*, *.*.* - *.*.*, *.*.*-M* - *.*.*, *.*.* - *.*.* is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port ****, which does not include authentication.
