JVNDB-2021-009028

JVNDB-2021-009028
Apache CXF �ｽﾉゑｿｽ�ｽ�ｽ�ｽ髢ｳ�ｽ�ｽ�ｽ�ｽ�ｽ[�ｽv�ｽﾉ関ゑｿｽ�ｽ�ｽﾆ弱性
�ｽT�ｽv
Apache CXF �ｽﾉは、�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ[�ｽv�ｽﾉ関ゑｿｽ�ｽ�ｽﾆ弱性�ｽ�ｽ�ｽ�ｽ�ｽﾝゑｿｽ�ｽﾜゑｿｽ�ｽB
CVSS �ｽﾉゑｿｽ�ｽ[�ｽ�ｽ�ｽx (CVSS �ｽﾆゑｿｽ?)
CVSS v3 �ｽﾉゑｿｽ�ｽ[�ｽ�ｽ�ｽx �ｽ�ｽ{�ｽl: 7.5 (�ｽd�ｽv) [NVD�ｽl] �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ謨ｪ: �ｽl�ｽb�ｽg�ｽ�ｽ�ｽ[�ｽN �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌ包ｿｽ�ｽG�ｽ�ｽ: �ｽ�ｽ �ｽU�ｽ�ｽ�ｽﾉ必�ｽv�ｽﾈ難ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽx�ｽ�ｽ: �ｽs�ｽv �ｽ�ｽ�ｽp�ｽﾒの関与: �ｽs�ｽv �ｽe�ｽ�ｽ�ｽﾌ想�ｽ�ｽﾍ茨ｿｽ: �ｽﾏ更�ｽﾈゑｿｽ �ｽ@�ｽ�ｽ�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(C): �ｽﾈゑｿｽ �ｽ�ｽ�ｽS�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(I): �ｽﾈゑｿｽ �ｽﾂ用�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(A): �ｽ�ｽ CVSS v2 �ｽﾉゑｿｽ�ｽ[�ｽ�ｽ�ｽx �ｽ�ｽ{�ｽl: 5.0 (�ｽx�ｽ�ｽ) [NVD�ｽl] �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ謨ｪ: �ｽl�ｽb�ｽg�ｽ�ｽ�ｽ[�ｽN �ｽU�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾌ包ｿｽ�ｽG�ｽ�ｽ: �ｽ�ｽ �ｽU�ｽ�ｽ�ｽO�ｽﾌ認�ｽﾘ要�ｽ�ｽ: �ｽs�ｽv �ｽ@�ｽ�ｽ�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(C): �ｽﾈゑｿｽ �ｽ�ｽ�ｽS�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(I): �ｽﾈゑｿｽ �ｽﾂ用�ｽ�ｽ�ｽﾖの影�ｽ�ｽ(A): �ｽ�ｽ�ｽ�ｽ�ｽI
�ｽe�ｽ�ｽ�ｽ�ｽ�ｽｯゑｿｽV�ｽX�ｽe�ｽ�ｽ

Apache Software Foundation Apache CXF 3.4.4 �ｽ�ｽ�ｽ�ｽ Apache CXF 3.3.11 �ｽ�ｽ�ｽ�ｽ TomEE �ｽI�ｽ�ｽ�ｽN�ｽ�ｽ Oracle Business Intelligence Oracle Communications Messaging Server Oracle Communications Session Element Manager �ｽ�ｽ�ｽ�ｽ Hitachi Ops Center Common Services 10.8.2-00 �ｽ�ｽ�ｽ�ｽ
�ｽ{�ｽﾆ弱性�ｽﾌ影�ｽ�ｽ�ｽ�ｽ�ｽｯる製�ｽi�ｽﾌ詳細につゑｿｽ�ｽﾄは、�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽｨゑｿｽﾑ参�ｽl�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽm�ｽF�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽB
�ｽz�ｽ閧ｳ�ｽ�ｽ�ｽe�ｽ�ｽ
�ｽT�ｽ[�ｽr�ｽX�ｽ^�ｽp�ｽW�ｽQ (DoS) �ｽ�ｽﾔにゑｿｽ�ｽ�ｽ�ｽﾂ能�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽﾜゑｿｽ�ｽB
�ｽﾎ搾ｿｽ
�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ關ｳ�ｽ�ｽ�ｽﾈ対策が鯉ｿｽ�ｽJ�ｽ�ｽ�ｽ�ｽﾄゑｿｽ�ｽﾜゑｿｽ�ｽB�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽ�ｽ�ｽQ�ｽﾆゑｿｽ�ｽﾄ適�ｽﾘな対搾ｿｽ�ｽ�ｽ�ｽ�ｽ{�ｽ�ｽ�ｽﾄゑｿｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽB
�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽ
Apache Software Foundation Apache CXF : Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter (CVE-2021-30468) Pony Mail : [jira] [Created] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF Pony Mail : [jira] [Reopened] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF Pony Mail : CVE-2021-30468: Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter Pony Mail : [jira] [Updated] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF - Richard Zowalla (Jira) Pony Mail : [jira] [Commented] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF - Marius Ionica (Jira) Pony Mail : [jira] [Resolved] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF Pony Mail : [jira] [Updated] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF - Jayaprakash (Jira) Pony Mail : [jira] [Commented] (TOMEE-3768) TomEE plus is affected by CVE-CVE-2021-30468 vulnerability related to Apache CXF - Richard Zowalla (Jira) �ｽI�ｽ�ｽ�ｽN�ｽ�ｽ Oracle Critical Patch Update : Oracle Critical Patch Update Advisory - October 2021 �ｽ�ｽ�ｽ�ｽ Hitachi Software Vulnerability Information : hitachi-sec-2022-115 �ｽ\�ｽt�ｽg�ｽE�ｽF�ｽA�ｽ�ｽ�ｽi�ｽZ�ｽL�ｽ�ｽ�ｽ�ｽ�ｽe�ｽB�ｽ�ｽ�ｽ : hitachi-sec-2022-115
CWE�ｽﾉゑｿｽ�ｽﾆ弱性�ｽ^�ｽC�ｽv�ｽ齬� CWE�ｽﾆゑｿｽ?
�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ�ｽ[�ｽv(CWE-835) [NVD�ｽ]�ｽ�ｽ]
�ｽ�ｽ�ｽﾊ脆弱性�ｽ�ｽ�ｽﾊ子(CVE) CVE�ｽﾆゑｿｽ?
CVE-2021-30468
�ｽQ�ｽl�ｽ�ｽ�ｽ
National Vulnerability Database (NVD) : CVE-2021-30468
�ｽX�ｽV�ｽ�ｽ�ｽ�ｽ
[2022�ｽN04�ｽ�ｽ06�ｽ�ｽ] �ｽf�ｽ�ｽ [2022�ｽN05�ｽ�ｽ30�ｽ�ｽ] �ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽF�ｽ�ｽ�ｽ�ｽ (hitachi-sec-2022-115) �ｽ�ｽﾇ会ｿｽ �ｽe�ｽ�ｽ�ｽ�ｽ�ｽｯゑｿｽV�ｽX�ｽe�ｽ�ｽ�ｽF�ｽx�ｽ�ｽ�ｽ_�ｽ�ｽ�ｽﾌ追会ｿｽ�ｽﾉ費ｿｽ�ｽ�ｽ�ｽ�ｽ�ｽe�ｽ�ｽ�ｽX�ｽV


�ｽ�ｽ�ｽ\�ｽ�ｽ	2021/06/16
�ｽo�ｽ^�ｽ�ｽ	2022/04/06
�ｽﾅ終�ｽX�ｽV�ｽ�ｽ	2022/05/30

Apache CXF �ｽﾉゑｿｽ�ｽ�ｽ�ｽ髢ｳ�ｽ�ｽ�ｽ�ｽ�ｽ[�ｽv�ｽﾉ関ゑｿｽ�ｽ�ｽﾆ弱性