| Field | Value |
|---|---|
| title | Apache Camel Security Advisory - CVE-2014-0003 |
| url | /security/CVE-2014-0003.html |
| date | 2014-03-20 17:38:59 -0700 |
| draft | false |
| type | security-advisory |
| cve | CVE-2014-0003 |
| severity | CRITICAL |
| summary | The Apache Camel XSLT component allows XSL stylesheets to perform calls to external Java methods. |
| description | The Apache Camel XSLT component allows XSL stylesheets to perform calls to external Java methods. A remote attacker able to submit messages to an xslt Camel route could use this flaw to perform arbitrary remote code execution in the context of the Camel server process. |
| mitigation | 2.11.x users should upgrade to 2.11.4; 2.12.x users should upgrade to 2.12.3. This patch will be included from Camel 2.13.0: https://git-wip-us.apache.org/repos/asf?p=camel.git;a=commitdiff;h=e922f89290f236f3107039de61af0375826bd96d |
| credit | This issue was discovered by David Jorm. |
| affected | 2.11.0 up to 2.11.3, 2.12.0 up to 2.12.2 |
| fixed | 2.11.4, 2.12.3, 2.13.0 and newer |
Example: create a simple route that receives an HTTP request, applies a (safe) stylesheet and stores the result in a file:

```xml
<route>
  <from uri="servlet:///hello"/>
  <to uri="xslt:file:/tmp/transform.xsl"/>
  <to uri="file:/tmp/output"/>
</route>
```

If an attacker is able to submit a message to this route, they can provide a message that is an XML document containing external entities. These entities will be resolved, and their contents included in the output of the transformation performed by the xslt endpoint.