Multiple vulnerabilities in Axway SecureTransport (January 2023)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 8 |
| CVE-ID | CVE-2022-40153 CVE-2022-40152 CVE-2022-45143 CVE-2022-41915 CVE-2022-45693 CVE-2022-45685 CVE-2021-37533 |
| CWE-ID | CWE-20 CWE-787 CWE-94 CWE-113 CWE-345 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SecureTransport Server applications / File servers (FTP/HTTP) |
| Vendor | Axway |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
1) Improper input validation
EUVDB-ID: #VU71314
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-40153
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Centralized Third Party Jars (XStream) component in Oracle WebLogic Server. A remote non-authenticated attacker can exploit this vulnerability to perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds write
EUVDB-ID: #VU71586
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-40152
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when processing untrusted input within the Woodstox XML parser. A remote attacker can pass a specially crafted input to the application, trigger an out-of-bounds write and crash the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Code Injection
EUVDB-ID: #VU70666
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-45143
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to manipulate server output.
The vulnerability exists due to improper input validation within the JsonErrorReportValve when handling type, message or description values. A remote attacker can send a specially crafted request and manipulate or invalidate JSON output.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) HTTP response splitting
EUVDB-ID: #VU70119
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-41915
CWE-ID:
CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform HTTP splitting attacks.
The vulnerability exists due to software does not validate header values when calling DefaultHttpHeaders.set with an iterator of values. A remote attacker can inject arbitrary header values and perform HTTP splitting attacks.
Successful exploitation of the vulnerability may allow an attacker perform cache poisoning attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds write
EUVDB-ID: #VU71109
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-45693
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack..
The vulnerability exists due to a boundary error when processing data passed via the map parameter. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and perform a denial of service (DoS) attack. MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds write
EUVDB-ID: #VU71108
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-45685
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack..
The vulnerability exists due to a boundary error when processing crafted JSON data. A remote attacker can pass specially crafted input to the application, trigger an out-of-bounds write and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Insufficient verification of data authenticity
EUVDB-ID: #VU70441
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37533
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows an attacker to redirect victim to a malicious host.
The vulnerability exists due to the application trusts the host from PASV response by default. A remote attacker can trick the victim into connecting to an attacker controlled FTP server and then redirect the application to another host.
Install update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Cross-site scripting
EUVDB-ID: #VU74446
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: N/A
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when handling log messages for failed authentication attempts. A remote attacker can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsSecureTransport: 5.5 - 5.5-20221222
CPE2.3- cpe:2.3:a:axway:securetransport:5.5:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20200625:*:*:*:*:*:*:*
- cpe:2.3:a:axway:securetransport:5.5-20201029:*:*:*:*:*:*:*
https://docs.axway.com/bundle/st_rn/page/january_2023_update__5_5-20230126_.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
