VAR-202209-0654
Vulnerability from variot - Updated: 2023-12-18 13:27Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTD (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2. Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2. Forcepoint Web Security Content Gateway versions prior to 8.5.5. Forcepoint Email Security with DLP enabled versions prior to 8.5.5. Forcepoint Cloud Security Gateway prior to June 20, 2022. multiple Forcepoint LLC. The product has XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202209-0654",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web security content gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "forcepoint",
"version": "8.5.5"
},
{
"model": "one endpoint with policy engine",
"scope": "lt",
"trust": 1.0,
"vendor": "forcepoint",
"version": "8.8.2"
},
{
"model": "data loss prevention",
"scope": "lt",
"trust": 1.0,
"vendor": "forcepoint",
"version": "8.8.2"
},
{
"model": "email security",
"scope": "lt",
"trust": 1.0,
"vendor": "forcepoint",
"version": "8.5.5"
},
{
"model": "cloud security gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "forcepoint",
"version": "2022-06-20"
},
{
"model": "cloud security gateway",
"scope": null,
"trust": 0.8,
"vendor": "forcepoint",
"version": null
},
{
"model": "web security content gateway",
"scope": null,
"trust": 0.8,
"vendor": "forcepoint",
"version": null
},
{
"model": "data loss prevention",
"scope": null,
"trust": 0.8,
"vendor": "forcepoint",
"version": null
},
{
"model": "email security",
"scope": null,
"trust": 0.8,
"vendor": "forcepoint",
"version": null
},
{
"model": "one endpoint with policy engine",
"scope": null,
"trust": 0.8,
"vendor": "forcepoint",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:forcepoint:cloud_security_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2022-06-20",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:forcepoint:email_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.5.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:forcepoint:one_endpoint_with_policy_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.8.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:forcepoint:data_loss_prevention:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.8.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:forcepoint:web_security_content_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.5.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-1700"
}
]
},
"cve": "CVE-2022-1700",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@forcepoint.com",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-1700",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-1700",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "psirt@forcepoint.com",
"id": "CVE-2022-1700",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202209-726",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper Restriction of XML External Entity Reference (\u0027XXE\u0027) vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTD (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2. Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2. Forcepoint Web Security Content Gateway versions prior to 8.5.5. Forcepoint Email Security with DLP enabled versions prior to 8.5.5. Forcepoint Cloud Security Gateway prior to June 20, 2022. multiple Forcepoint LLC. The product has XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "VULHUB",
"id": "VHN-419813"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-1700",
"trust": 3.3
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202209-726",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-419813",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-419813"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"id": "VAR-202209-0654",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-419813"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:27:03.236000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Forcepoint Data Loss Prevention Fixes for code issue vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=207863"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.1
},
{
"problemtype": "XML Improper restriction of external entity references (CWE-611) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-419813"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://help.forcepoint.com/security/cve/cve-2022-1700.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1700"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/forcepoint-dlp-external-xml-entity-injection-39253"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-1700/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-419813"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-419813"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-419813"
},
{
"date": "2023-10-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"date": "2022-09-12T19:15:08.603000",
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"date": "2022-09-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-09-15T00:00:00",
"db": "VULHUB",
"id": "VHN-419813"
},
{
"date": "2023-10-06T08:13:00",
"db": "JVNDB",
"id": "JVNDB-2022-016914"
},
{
"date": "2022-09-15T18:05:38.843000",
"db": "NVD",
"id": "CVE-2022-1700"
},
{
"date": "2022-09-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Forcepoint\u00a0LLC.\u00a0 In the product \u00a0XML\u00a0 External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-016914"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202209-726"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…