5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-1954

GHSA ID

GHSA-ffm7-7r8g-77xm

EPSS Score

0.28552%

CWE

CWE-200

Published

2/10/2022

Updated

9/26/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-1954

CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attack

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the createMBServerConnectorFactory property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX.

(GitHub Advisory)

5.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2020-1954

GHSA ID

GHSA-ffm7-7r8g-77xm

EPSS Score

0.28552%

CWE

CWE-200

Published

2/10/2022

Updated

9/26/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.cxf:cxf-rt-management	maven	< 3.2.13	3.2.13
org.apache.cxf:cxf-rt-management	maven	>= 3.3.0, < 3.3.6	3.3.6

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from InstrumentationManagerImpl's default behavior of enabling MBServerConnectorFactory via the createMBServerConnectorFactory property. This factory creates a JMX connector server that registers an insecure RMI registry entry, allowing local attackers to rebind it. The commit diff shows removal of MBServerConnectorFactory-related code as mitigation, confirming these components' role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*p**** *X* **s t** **ility to int**r*t* wit* JMX *y r**ist*rin* *n `Instrum*nt*tionM*n***r` *xt*nsion wit* t** *X* *us. I* t** `*r**t*M*S*rv*r*onn**tor***tory` prop*rty o* t** ****ult `Instrum*nt*tionM*n***rImpl` is not *is**l**, t**n it is vuln*r**l

Reasoning

T** vuln*r**ility st*ms *rom `Instrum*nt*tionM*n***rImpl`'s ****ult ****vior o* *n**lin* `M*S*rv*r*onn**tor***tory` vi* t** `*r**t*M*S*rv*r*onn**tor***tory` prop*rty. T*is ***tory *r**t*s * `JMX` *onn**tor s*rv*r t**t r**ist*rs *n ins**ur* `RMI` r**i

5.3

Basic Information

Concerned about an active attack path?

CVE-2020-1954: Apache CXF JMX Integration is vulnerable to a MITM attack

5.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI