Uploaded image for project: 'Talend Unified Platform'
  1. Talend Unified Platform
  2. TUP-22576

[CVE:high] Backend : pkg:unknown/ requires version upgrade

Apply templateInsert Lucidchart Diagram
    XMLWordPrintable

Details

    • Work Item
    • Status: Rejected
    • Critical
    • Resolution: Suggestion noted
    • None
    • None
    • None
    • All
    • 7.3.1-Sprint_1 UP
    • GreenHopper Ranking:
      0|i1gqs3:
    • 9223372036854775807
    • Small

    Description

      What: this is security issue

      {{
      {
      "path": "Studio",
      "advisory": "CVE-2009-3548",
      "purl": "pkg:unknown/",
      "severity": "high",
      "title": "The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.",
      "tool": "NVD",
      "jira": null,
      "audit": "2019-04-01",
      "context": {
      "findings": {
      "edb9acd7-6744-401c-a620-32b38bce56b2": {
      "0ed0e659-f1a1-4f67-9c67-a0b2e893a641": [

      { "Path": "/repository/tomcat/jasper-runtime/5.5.23/jasper-runtime-5.5.23.jar", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "14cdc49b-fbf6-461b-b14b-87f63181bfd7", "Match type": "Exact", "Version id": "0ed0e659-f1a1-4f67-9c67-a0b2e893a641", "Origin name": "maven", "Component id": "edb9acd7-6744-401c-a620-32b38bce56b2", "Match content": "", "Overridden By": "", "Component name": "Apache Tomcat", "Origin name id": "tomcat:jasper-runtime:5.5.23", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/", "Component version name": "5.5.23", "Component policy status": "", "Component origin version name": "5.5.23" }

      ,

      { "Path": "/repository/tomcat/jasper-compiler/5.5.23/jasper-compiler-5.5.23.jar", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "db85be65-df6c-41db-97bc-5a61c4a9949f", "Match type": "Exact", "Version id": "0ed0e659-f1a1-4f67-9c67-a0b2e893a641", "Origin name": "maven", "Component id": "edb9acd7-6744-401c-a620-32b38bce56b2", "Match content": "", "Overridden By": "", "Component name": "Apache Tomcat", "Origin name id": "tomcat:jasper-compiler:5.5.23", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/", "Component version name": "5.5.23", "Component policy status": "", "Component origin version name": "5.5.23" }

      ],
      "aba011e9-053b-4591-972f-15a760295aea": [

      { "Path": "/org/", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "bad6168f-1a82-4630-aecc-cf2555a705b1", "Match type": "Exact", "Version id": "aba011e9-053b-4591-972f-15a760295aea", "Origin name": "unknown", "Component id": "edb9acd7-6744-401c-a620-32b38bce56b2", "Match content": "", "Overridden By": "", "Component name": "Apache Tomcat", "Origin name id": "", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.libraries.jdtcompiler_7.1.1.20181026_1147/lib/jdt-compiler-3.1.1.jar!/", "Component version name": "5.5.15", "Component policy status": "", "Component origin version name": "5.5.15" }

      ,

      { "Path": "/org/eclipse/jdt/internal/compiler/", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "bad6168f-1a82-4630-aecc-cf2555a705b1", "Match type": "Exact", "Version id": "aba011e9-053b-4591-972f-15a760295aea", "Origin name": "unknown", "Component id": "edb9acd7-6744-401c-a620-32b38bce56b2", "Match content": "", "Overridden By": "", "Component name": "Apache Tomcat", "Origin name id": "", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/repository/org/eclipse/jdt/core/3.1.1/core-3.1.1.jar!/", "Component version name": "5.5.15", "Component policy status": "", "Component origin version name": "5.5.15" }

      ,

      { "Path": "/org/eclipse/jdt/core/compiler/", "Usage": "DYNAMICALLY_LINKED", "Adjusted": "false", "Origin id": "bad6168f-1a82-4630-aecc-cf2555a705b1", "Match type": "Exact", "Version id": "aba011e9-053b-4591-972f-15a760295aea", "Origin name": "unknown", "Component id": "edb9acd7-6744-401c-a620-32b38bce56b2", "Match content": "", "Overridden By": "", "Component name": "Apache Tomcat", "Origin name id": "", "Archive context": "/Talend-Studio-20181026_1147-V7.1.1/plugins/org.talend.designer.maven.tis_7.1.1.20181026_1147/resources/repository/maven_repository.zip!/repository/org/eclipse/jdt/core/3.1.1/core-3.1.1.jar!/", "Component version name": "5.5.15", "Component policy status": "", "Component origin version name": "5.5.15" }

      ]
      }
      }
      },
      "uuid": "af0cf4b0-de90-4f82-bba5-5d5094ad1b1e",
      "version": "7.1",
      "jira_slug": "TUP",
      "jira_component": null
      }
      }}

      Attachments

        Activity

          People

            nrousseau Nicolas Rousseau
            jmfrancois Jean-Michel Francois
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 2 days
                2d
                Remaining:
                Remaining Estimate - 2 days
                2d
                Logged:
                Time Spent - Not Specified
                Not Specified