Miggo Logo

CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attack

5.3

CVSS Score
3.1

Basic Information

EPSS Score
0.28552%
Published
2/10/2022
Updated
9/26/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.apache.cxf:cxf-rt-managementmaven< 3.2.133.2.13
org.apache.cxf:cxf-rt-managementmaven>= 3.3.0, < 3.3.63.3.6

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from InstrumentationManagerImpl's default behavior of enabling MBServerConnectorFactory via the createMBServerConnectorFactory property. This factory creates a JMX connector server that registers an insecure RMI registry entry, allowing local attackers to rebind it. The commit diff shows removal of MBServerConnectorFactory-related code as mitigation, confirming these components' role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*p**** *X* **s t** **ility to int**r*t* wit* JMX *y r**ist*rin* *n `Instrum*nt*tionM*n***r` *xt*nsion wit* t** *X* *us. I* t** `*r**t*M*S*rv*r*onn**tor***tory` prop*rty o* t** ****ult `Instrum*nt*tionM*n***rImpl` is not *is**l**, t**n it is vuln*r**l

Reasoning

T** vuln*r**ility st*ms *rom `Instrum*nt*tionM*n***rImpl`'s ****ult ****vior o* *n**lin* `M*S*rv*r*onn**tor***tory` vi* t** `*r**t*M*S*rv*r*onn**tor***tory` prop*rty. T*is ***tory *r**t*s * `JMX` *onn**tor s*rv*r t**t r**ist*rs *n ins**ur* `RMI` r**i