CVE-2020-11987

Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.

CVSS v3 8.2 HIGH
CVSS v2.0 6.4 MEDIUM

8.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

6.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E	Mailing List Vendor Advisory
https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E	Mailing List Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/202401-11	Third Party Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://xmlgraphics.apache.org/security.html	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:batik:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:33:::::::*
	cpe:2.3:o:fedoraproject:fedora:34:::::::*

Configuration 3 (hide)

OR	cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:::::::*
	cpe:2.3:a:oracle:banking_apis:18.3:::::::*
	cpe:2.3:a:oracle:banking_apis:19.1:::::::*
	cpe:2.3:a:oracle:banking_apis:19.2:::::::*
	cpe:2.3:a:oracle:banking_apis:20.1:::::::*
	cpe:2.3:a:oracle:banking_apis:21.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:21.1:::::::*
	cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p3:::::::*
	cpe:2.3:a:oracle:communications_metasolv_solution:6.3.0:::::::*
	cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::*
	cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3.0:::::::*
	cpe:2.3:a:oracle:enterprise_repository:11.1.1.7.0:::::::*
	cpe:2.3:a:oracle:flexcube_universal_banking::::::::
	cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:::::::*
	cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:::::::*
	cpe:2.3:a:oracle:insurance_policy_administration::::::::
	cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:::::::*
	cpe:2.3:a:oracle:retail_back_office:14.1:::::::*
	cpe:2.3:a:oracle:retail_central_office:14.1:::::::*
	cpe:2.3:a:oracle:retail_order_broker:15.0:::::::*
	cpe:2.3:a:oracle:retail_order_broker:16.0:::::::*
	cpe:2.3:a:oracle:retail_order_management_system_cloud_service:19.5:::::::*
	cpe:2.3:a:oracle:retail_point-of-service:14.1:::::::*
	cpe:2.3:a:oracle:retail_returns_management:14.1:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

01 Feb 2024, 01:24

Type	Values Removed	Values Added
CPE		cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::* cpe:2.3:a:oracle:product_lifecycle_analytics:3.6.1:::::::* cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::* cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:::::::*
First Time		Debian debian Linux Oracle product Lifecycle Analytics Oracle weblogic Server Debian Oracle agile Engineering Data Management
References	~~() https://security.gentoo.org/glsa/202401-11 -~~	() https://security.gentoo.org/glsa/202401-11 - Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/ - Mailing List, Third Party Advisory
References	~~() https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E -~~	() https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/ - Mailing List, Third Party Advisory
References	~~() https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E -~~	() https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E - Mailing List, Vendor Advisory
References	~~(N/A) https://www.oracle.com/security-alerts/cpujul2022.html -~~	(N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory

07 Jan 2024, 11:15

Type	Values Removed	Values Added
References		() https://security.gentoo.org/glsa/202401-11 -

07 Nov 2023, 03:15

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/', 'name': 'FEDORA-2021-65ff5f10e2', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'} {'url': 'https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05@%3Cdev.poi.apache.org%3E', 'name': '[poi-dev] 20210304 [Bug 65166] New: Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2@%3Cdev.poi.apache.org%3E', 'name': '[poi-dev] 20210308 [Bug 65166] Apache Batik 1.13 vulnerabilities (CVE-2020-11987, CVE-2020-11988)', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/', 'name': 'FEDORA-2021-33a1b73e48', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'FEDORA'}	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5/ - () https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM/ - () https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E -

15 Oct 2023, 00:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html -

Information

Published : 2021-02-24 18:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-11987

Mitre link : CVE-2020-11987

CVE.ORG link : CVE-2020-11987

JSON object : View

Products Affected

oracle

communications_metasolv_solution
retail_point-of-service
communications_offline_mediation_controller
enterprise_repository
fusion_middleware_mapviewer
retail_order_broker
flexcube_universal_banking
weblogic_server
banking_digital_experience
product_lifecycle_analytics
retail_central_office
insurance_policy_administration
retail_order_management_system_cloud_service
communications_application_session_controller
retail_back_office
banking_apis
retail_returns_management
agile_engineering_data_management
instantis_enterprisetrack

fedoraproject

fedora

debian

debian_linux

apache

batik

CWE

CWE-20

Improper Input Validation

CWE-918

Server-Side Request Forgery (SSRF)

8.2 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

6.4 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2020-11987

8.2^/10

6.4^/10

Attach tags to `CVE-2020-11987`