CWE-611
Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
CVE-2017-7464 (GCVE-0-2017-7464)
Vulnerability from cvelistv5 – Published: 2018-07-27 12:00 – Updated: 2024-08-05 16:04
VLAI
Summary
It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker could use this flaw to cause DoS, SSRF, or information disclosure if they are able to provide XML content for parsing.
Severity
8.7 (High)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98450 | vdb-entryx_refsource_BID |
Date Public
2017-05-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.737Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7464"
},
{
"name": "98450",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98450"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "JBoss",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker could use this flaw to cause DoS, SSRF, or information disclosure if they are able to provide XML content for parsing."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7464"
},
{
"name": "98450",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98450"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7464",
"datePublished": "2018-07-27T12:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7465 (GCVE-0-2017-7465)
Vulnerability from cvelistv5 – Published: 2018-06-27 16:00 – Updated: 2024-08-05 16:04
VLAI
Summary
It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing. Doing a transform in JAXP requires the use of a 'javax.xml.transform.TransformerFactory'. If the FEATURE_SECURE_PROCESSING feature is set to 'true', it mitigates this vulnerability.
Severity
9 (Critical)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/97605 | vdb-entryx_refsource_BID |
Date Public
2017-04-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7465"
},
{
"name": "97605",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jboss",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing. Doing a transform in JAXP requires the use of a \u0027javax.xml.transform.TransformerFactory\u0027. If the FEATURE_SECURE_PROCESSING feature is set to \u0027true\u0027, it mitigates this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-28T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7465"
},
{
"name": "97605",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97605"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7465",
"datePublished": "2018-06-27T16:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7545 (GCVE-0-2017-7545)
Vulnerability from cvelistv5 – Published: 2018-07-26 15:00 – Updated: 2024-08-05 16:04
VLAI
Summary
It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks.
Severity
6.5 (Medium)
CWE
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/102179 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:3355 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/kiegroup/jbpm-designer/commit/… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:3354 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| KIE | jbpm-designer |
Affected:
6.5
|
Date Public
2017-11-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102179"
},
{
"name": "RHSA-2017:3355",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3355"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/kiegroup/jbpm-designer/commit/a143f3b92a6a5a527d929d68c02a0c5d914ab81d"
},
{
"name": "RHSA-2017:3354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7545"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "jbpm-designer",
"vendor": "KIE",
"versions": [
{
"status": "affected",
"version": "6.5"
}
]
}
],
"datePublic": "2017-11-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "102179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102179"
},
{
"name": "RHSA-2017:3355",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3355"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kiegroup/jbpm-designer/commit/a143f3b92a6a5a527d929d68c02a0c5d914ab81d"
},
{
"name": "RHSA-2017:3354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7545"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7545",
"datePublished": "2018-07-26T15:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:04:11.884Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7907 (GCVE-0-2017-7907)
Vulnerability from cvelistv5 – Published: 2017-05-19 02:43 – Updated: 2024-08-05 16:19
VLAI
Summary
An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XML external entity reference, or XXE) may allow an attacker to enter malicious input through the application which could cause a denial of service or disclose file contents from a server or connected network.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/98254 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1038542 | vdb-entryx_refsource_SECTRACK |
| https://ics-cert.us-cert.gov/advisories/ICSA-17-122-01 | x_refsource_MISC |
| http://software.schneider-electric.com/pdf/securi… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Schneider Electric Wonderware Historian Client |
Affected:
Schneider Electric Wonderware Historian Client
|
Date Public
2017-05-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:19:28.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98254",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98254"
},
{
"name": "1038542",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038542"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-122-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000120/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Schneider Electric Wonderware Historian Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Schneider Electric Wonderware Historian Client"
}
]
}
],
"datePublic": "2017-05-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XML external entity reference, or XXE) may allow an attacker to enter malicious input through the application which could cause a denial of service or disclose file contents from a server or connected network."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "98254",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98254"
},
{
"name": "1038542",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038542"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-122-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000120/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-7907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Schneider Electric Wonderware Historian Client",
"version": {
"version_data": [
{
"version_value": "Schneider Electric Wonderware Historian Client"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper XML Parser Configuration issue was discovered in Schneider Electric Wonderware Historian Client 2014 R2 SP1 and prior. An improperly restricted XML parser (with improper restriction of XML external entity reference, or XXE) may allow an attacker to enter malicious input through the application which could cause a denial of service or disclose file contents from a server or connected network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98254",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98254"
},
{
"name": "1038542",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038542"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-122-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-122-01"
},
{
"name": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000120/",
"refsource": "MISC",
"url": "http://software.schneider-electric.com/pdf/security-bulletin/lfsec00000120/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2017-7907",
"datePublished": "2017-05-19T02:43:00.000Z",
"dateReserved": "2017-04-18T00:00:00.000Z",
"dateUpdated": "2024-08-05T16:19:28.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0100 (GCVE-0-2018-0100)
Vulnerability from cvelistv5 – Published: 2018-01-18 06:00 – Updated: 2024-12-02 21:43
VLAI
Summary
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by injecting a crafted XML file with malicious entries, which could allow the attacker to read and write files. Cisco Bug IDs: CSCvg19341.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/102738 | vdb-entryx_refsource_BID |
| https://tools.cisco.com/security/center/content/C… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1040246 | vdb-entryx_refsource_SECTRACK |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Cisco AnyConnect |
Affected:
Cisco AnyConnect
|
Date Public
2018-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102738"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe"
},
{
"name": "1040246",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040246"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0100",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T18:55:38.475848Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:43:27.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco AnyConnect",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco AnyConnect"
}
]
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by injecting a crafted XML file with malicious entries, which could allow the attacker to read and write files. Cisco Bug IDs: CSCvg19341."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-20T10:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "102738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102738"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe"
},
{
"name": "1040246",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco AnyConnect",
"version": {
"version_data": [
{
"version_value": "Cisco AnyConnect"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by injecting a crafted XML file with malicious entries, which could allow the attacker to read and write files. Cisco Bug IDs: CSCvg19341."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102738"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe"
},
{
"name": "1040246",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0100",
"datePublished": "2018-01-18T06:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-12-02T21:43:27.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0108 (GCVE-0-2018-0108)
Vulnerability from cvelistv5 – Published: 2018-01-18 06:00 – Updated: 2024-12-02 21:35
VLAI
Summary
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1040238 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/102720 | vdb-entryx_refsource_BID |
| https://tools.cisco.com/security/center/content/C… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Cisco WebEx Meetings Server |
Affected:
Cisco WebEx Meetings Server
|
Date Public
2018-01-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:14:16.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040238",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040238"
},
{
"name": "102720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102720"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0108",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:11:45.672561Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:35:43.854Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco WebEx Meetings Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco WebEx Meetings Server"
}
]
}
],
"datePublic": "2018-01-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-19T10:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1040238",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040238"
},
{
"name": "102720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102720"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco WebEx Meetings Server",
"version": {
"version_data": [
{
"version_value": "Cisco WebEx Meetings Server"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the ability of an attacker to perform an out-of-band XXE injection on the system, which could allow an attacker to capture customer files and redirect them to another destination address. An exploit could allow the attacker to discover sensitive customer data. Cisco Bug IDs: CSCvg36996."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040238"
},
{
"name": "102720",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102720"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0108",
"datePublished": "2018-01-18T06:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-12-02T21:35:43.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0414 (GCVE-0-2018-0414)
Vulnerability from cvelistv5 – Published: 2018-10-05 14:00 – Updated: 2024-11-26 14:46
VLAI
Title
Cisco Secure Access Control Server XML External Entity Injection Vulnerability
Summary
A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/105289 | vdb-entryx_refsource_BID |
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id/1041688 | vdb-entryx_refsource_SECTRACK |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Secure Access Control Server Solution Engine (ACSE) |
Affected:
n/a
|
Date Public
2018-09-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:15.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105289",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105289"
},
{
"name": "20180905 Cisco Secure Access Control Server XML External Entity Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-acsxxe"
},
{
"name": "1041688",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041688"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0414",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:48:40.787706Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T14:46:08.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Access Control Server Solution Engine (ACSE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-07T09:57:02.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "105289",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105289"
},
{
"name": "20180905 Cisco Secure Access Control Server XML External Entity Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-acsxxe"
},
{
"name": "1041688",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041688"
}
],
"source": {
"advisory": "cisco-sa-20180905-acsxxe",
"defect": [
[
"CSCvi85318"
]
],
"discovery": "UNKNOWN"
},
"title": "Cisco Secure Access Control Server XML External Entity Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2018-09-05T16:00:00-0500",
"ID": "CVE-2018-0414",
"STATE": "PUBLIC",
"TITLE": "Cisco Secure Access Control Server XML External Entity Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Secure Access Control Server Solution Engine (ACSE)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an authenticated, remote attacker to gain read access to certain information in an affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file."
}
]
},
"impact": {
"cvss": {
"baseScore": "6.5",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105289"
},
{
"name": "20180905 Cisco Secure Access Control Server XML External Entity Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-acsxxe"
},
{
"name": "1041688",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041688"
}
]
},
"source": {
"advisory": "cisco-sa-20180905-acsxxe",
"defect": [
[
"CSCvi85318"
]
],
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0414",
"datePublished": "2018-10-05T14:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-11-26T14:46:08.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10600 (GCVE-0-2018-10600)
Vulnerability from cvelistv5 – Published: 2018-07-24 13:00 – Updated: 2024-09-16 16:17
VLAI
Summary
SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks.
Severity
No CVSS data available.
CWE
- CWE-611 - IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE ('XXE') CWE-611
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Schweitzer Engineering Laboratories, Inc. | AcSELerator Architect |
Affected:
2.2.24.0 and prior
|
Date Public
2018-07-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:39:08.073Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AcSELerator Architect",
"vendor": "Schweitzer Engineering Laboratories, Inc.",
"versions": [
{
"status": "affected",
"version": "2.2.24.0 and prior"
}
]
}
],
"datePublic": "2018-07-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE (\u0027XXE\u0027) CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-24T12:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-07-10T00:00:00",
"ID": "CVE-2018-10600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AcSELerator Architect",
"version": {
"version_data": [
{
"version_value": "2.2.24.0 and prior"
}
]
}
}
]
},
"vendor_name": "Schweitzer Engineering Laboratories, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE (\u0027XXE\u0027) CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10600",
"datePublished": "2018-07-24T13:00:00.000Z",
"dateReserved": "2018-05-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:17:38.171Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10613 (GCVE-0-2018-10613)
Vulnerability from cvelistv5 – Published: 2018-06-04 14:00 – Updated: 2024-09-16 16:52
VLAI
Summary
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
Severity
No CVSS data available.
CWE
- CWE-611 - XXE CWE-611
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/104377 | vdb-entryx_refsource_BID |
| http://www.gegridsolutions.com/app/DownloadFile.a… | x_refsource_CONFIRM |
| https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| GE | MDS PulseNET and MDS PulseNET Enterprise |
Affected:
Version 3.2.1 and prior
|
Date Public
2018-05-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104377",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet\u0026type=9\u0026file=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MDS PulseNET and MDS PulseNET Enterprise",
"vendor": "GE",
"versions": [
{
"status": "affected",
"version": "Version 3.2.1 and prior"
}
]
}
],
"datePublic": "2018-05-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "XXE CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-05T09:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"name": "104377",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet\u0026type=9\u0026file=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-05-31T00:00:00",
"ID": "CVE-2018-10613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MDS PulseNET and MDS PulseNET Enterprise",
"version": {
"version_data": [
{
"version_value": "Version 3.2.1 and prior"
}
]
}
}
]
},
"vendor_name": "GE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XXE CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104377",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104377"
},
{
"name": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet\u0026type=9\u0026file=1",
"refsource": "CONFIRM",
"url": "http://www.gegridsolutions.com/app/DownloadFile.aspx?prod=pulsenet\u0026type=9\u0026file=1"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-151-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10613",
"datePublished": "2018-06-04T14:00:00.000Z",
"dateReserved": "2018-05-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:52:57.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10614 (GCVE-0-2018-10614)
Vulnerability from cvelistv5 – Published: 2018-10-09 21:00 – Updated: 2024-09-17 01:40
VLAI
Summary
An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files.
Severity
No CVSS data available.
CWE
- CWE-611 - IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE ('XXE') CWE-611
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| WECON Technology Co., Ltd | LeviStudioU |
Affected:
Versions 1.8.29 and 1.8.44
|
Date Public
2018-07-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:46:46.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LeviStudioU",
"vendor": "WECON Technology Co., Ltd",
"versions": [
{
"status": "affected",
"version": "Versions 1.8.29 and 1.8.44"
}
]
}
],
"datePublic": "2018-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE (\u0027XXE\u0027) CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T20:57:01.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2018-07-31T00:00:00",
"ID": "CVE-2018-10614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LeviStudioU",
"version": {
"version_data": [
{
"version_value": "Versions 1.8.29 and 1.8.44"
}
]
}
}
]
},
"vendor_name": "WECON Technology Co., Ltd"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XXE vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project XML files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE (\u0027XXE\u0027) CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-212-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2018-10614",
"datePublished": "2018-10-09T21:00:00.000Z",
"dateReserved": "2018-05-01T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:40:31.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phases: Implementation, System Configuration
Description:
- Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.