CVE-2016-4469

Name of the Vulnerable Software and Affected Versions Apache Archiva versions 1.3.9 and earlier

Description The issue allows remote attackers to hijack the authentication of administrators for various requests, including adding new repository proxy connectors via the "admin/addProxyConnector commit.action" API endpoint with the token parameter, adding new repositories via the "admin/addRepository commit.action" API endpoint with the token parameter, editing existing repositories via the "admin/editRepository commit.action" API endpoint with the token parameter, adding legacy artifact paths via the "admin/addLegacyArtifactPath commit.action" API endpoint with the token parameter, changing the organizational appearance via the "admin/saveAppearance.action" API endpoint with the token parameter, or uploading new artifacts via the "upload submit.action" API endpoint with the token parameter.

Recommendations For Apache Archiva versions 1.3.9 and earlier, consider disabling the token parameter in the affected API endpoints as a temporary workaround until a patch is available. Restrict access to the "admin/addProxyConnector commit.action", "admin/addRepository commit.action", "admin/editRepository commit.action", "admin/addLegacyArtifactPath commit.action", "admin/saveAppearance.action", and "upload submit.action" API endpoints to minimize the risk of exploitation.