VDE-2024-004

Vulnerability from csaf_trumpfsecokg - Published: 2025-04-22 10:00 - Updated: 2025-05-22 13:03
Summary
TRUMPF: Multiple products affected by log4net vulnerability
Severity
Critical
Notes
Summary: The versions of the TRUMPF products stated below ship a version of log4net that is prone to XXE (XML External Entity) attacks under certain circumstances: log4net versions before 2.0.10 do not disable external entity resolution when parsing their XML configuration file. An attacker who can supply or modify that configuration file can make the parser resolve entities that point at local files or remote URLs, possibly resulting in unauthorized (remote) access to data, modification of data, or disruption of the whole system running the vulnerable application.
Impact: An attacker who can place a crafted log4net configuration file where the application reads it can cause the application to resolve external XML entities while interpreting that file, possibly resulting in unauthorized (remote) access to data, modification of data, or disruption of the whole system running the vulnerable application.
Disclaimer: This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. TRUMPF SE + Co. KG reserves the right to change or update this document at any time.
Remediation: New versions are available for the affected products. Install the new versions as provided by TRUMPF SE + Co. KG. To acquire these versions, please contact your TRUMPF Service and quote PR number 500879.
CWE-611 - Improper Restriction of XML External Entity Reference
Vendor Fix: New versions are available for the affected products. Install the new versions as provided by TRUMPF SE + Co. KG. To acquire these versions, please contact your TRUMPF Service and quote PR number 500879.
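The failure mode described in the notes above, reproduced as an added example that is not log4net code (log4net is a .NET library and its configuration parser is not shown here): Python's standard-library SAX parser with external general entity resolution switched on stands in for a configuration parser that does not disable external entities, and the same parser with its current default setting stands in for the fixed behaviour. The secret file, the log4net-style configuration and the entity name `xxe` are all constructed for the demo.

```python
"""CWE-611 in a logging-configuration parser: external entities on vs. off.

Added example, not log4net code. Python's stdlib SAX parser (expat) stands in
for a config parser; the secret file, the log4net-style config and the entity
name "xxe" are constructed here for the demo.
"""
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges

SECRET = "Server=db01;User Id=svc_log;Password=hunter2"  # constructed sample


class TextCollector(ContentHandler):
    """Collect element character data so we can see what the parser expanded."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


def build_config(secret_path):
    """A log4net-style config carrying an external entity that points at a local
    file. A SYSTEM id can equally be an http:// URL (SSRF) or a device file (DoS).
    The reference must sit in element content: XML forbids external entity
    references inside attribute values."""
    return f"""<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE log4net [
  <!ENTITY xxe SYSTEM "{secret_path}">
]>
<log4net>
  <appender name="FileAppender" type="log4net.Appender.FileAppender">
    <file value="app.log" />
    <layout type="log4net.Layout.PatternLayout">
      <conversionPattern value="%date %message%newline" />
    </layout>
    <threshold>&xxe;</threshold>
  </appender>
</log4net>
""".encode("utf-8")


def parse_config(xml_bytes, resolve_external_entities):
    """Parse the config and return the concatenated character data.

    resolve_external_entities=True is the vulnerable configuration: the parser
    fetches whatever the SYSTEM id names and splices it into the document.
    False (Python's default since 3.7.1) is the hardened one: the reference is
    left unexpanded and no file or URL is touched.
    """
    handler = TextCollector()
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(handler.chunks)


def demo():
    """Return (text seen by the vulnerable parser, text seen by the hardened one)."""
    with tempfile.TemporaryDirectory() as tmp:
        secret_path = os.path.join(tmp, "connection.txt")
        with open(secret_path, "w", encoding="utf-8") as f:
            f.write(SECRET)
        config = build_config(secret_path)
        leaked = parse_config(config, resolve_external_entities=True)
        safe = parse_config(config, resolve_external_entities=False)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("vulnerable parser saw secret:", SECRET in leaked)
    print("hardened parser saw secret:  ", SECRET in safe)
```

The .NET counterpart of the two settings is an `XmlReaderSettings` with `DtdProcessing = DtdProcessing.Prohibit` and a null `XmlResolver` versus a reader that keeps a resolver such as `XmlUrlResolver`. Whatever the parser, the practical check is the same: feed it a configuration file whose DOCTYPE declares a SYSTEM entity pointing at a file you control and see whether that file's content surfaces in the parsed document.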
Acknowledgments
CERT@VDE (https://certvde.com) - coordination

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      }
    ],
    "aggregate_severity": {
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "The versions of the TRUMPF products stated below ship a version of log4net that is prone to XXE (XML External Entity) attacks under certain circumstances: log4net versions before 2.0.10 do not disable external entity resolution when parsing their XML configuration file. An attacker who can supply or modify that configuration file can make the parser resolve entities that point at local files or remote URLs, possibly resulting in unauthorized (remote) access to data, modification of data, or disruption of the whole system running the vulnerable application.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An attacker who can place a crafted log4net configuration file where the application reads it can cause the application to resolve external XML entities while interpreting that file, possibly resulting in unauthorized (remote) access to data, modification of data, or disruption of the whole system running the vulnerable application.",
        "title": "Impact"
      },
      {
        "category": "legal_disclaimer",
        "text": "This document is provided on an \"AS IS\" basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document or materials linked from the document is at your own risk. TRUMPF SE + Co. KG reserves the right to change or update this document at any time.",
        "title": "Disclaimer"
      },
      {
        "category": "description",
        "text": "New versions are available for the affected products. Install the new versions as provided by TRUMPF SE + Co. KG. To acquire these versions, please contact your TRUMPF Service and quote PR number 500879.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "product.security@trumpf.com",
      "name": "Trumpf SE + Co. KG",
      "namespace": "https://www.trumpf.com"
    },
    "references": [
      {
        "category": "external",
        "summary": "Messages to TRUMPF PSIRT",
        "url": "https://www.trumpf.com/en_GB/meta/security-with-trumpf/message-to-psirt/"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for TRUMPF SE + Co. KG",
        "url": "https://certvde.com/en/advisories/vendor/trumpf/"
      },
      {
        "category": "self",
        "summary": "VDE-2024-004: TRUMPF: Multiple products affected by log4net vulnerability - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2024-004"
      },
      {
        "category": "self",
        "summary": "VDE-2024-004: TRUMPF: Multiple products affected by log4net vulnerability - CSAF",
        "url": "https://trumpf.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-004.json"
      },
      {
        "category": "external",
        "summary": "CVE-2018-1285 - NVD",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1285"
      }
    ],
    "title": "TRUMPF: Multiple products affected by log4net vulnerability",
    "tracking": {
      "aliases": [
        "VDE-2024-004"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-04-16T08:58:29.987Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.18"
        }
      },
      "id": "VDE-2024-004",
      "initial_release_date": "2025-04-22T10:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-04-22T10:00:00.000Z",
          "number": "1.0.0",
          "summary": "Initial version"
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "1.0.1",
          "summary": "Fix: added distribution, quotation mark"
        }
      ],
      "status": "final",
      "version": "1.0.1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=16.0.24",
                    "product": {
                      "name": "TruTops Boost \u003c=16.0.24",
                      "product_id": "CSAFPID-00001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "17.0.23",
                    "product": {
                      "name": "TruTops Boost 17.0.23",
                      "product_id": "CSAFPID-00002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Boost"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=22.7",
                    "product": {
                      "name": "TruTops Fab (Storage) \u003c=22.7",
                      "product_id": "CSAFPID-01001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "22.8",
                    "product": {
                      "name": "TruTops Fab (Storage) 22.8",
                      "product_id": "CSAFPID-01002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Fab (Storage)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=3.0.24",
                    "product": {
                      "name": "Oseon (Storage) \u003c=3.0.24",
                      "product_id": "CSAFPID-02001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "4.0.23",
                    "product": {
                      "name": "Oseon (Storage) 4.0.23",
                      "product_id": "CSAFPID-02002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oseon (Storage)"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=12.1",
                    "product": {
                      "name": "TruTops Classic \u003c=12.1",
                      "product_id": "CSAFPID-03001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "13.0",
                    "product": {
                      "name": "TruTops Classic 13.0",
                      "product_id": "CSAFPID-03002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Classic"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c2.54.24",
                    "product": {
                      "name": "TruTops Cell \u003c2.54.24",
                      "product_id": "CSAFPID-04001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "2.54.24",
                    "product": {
                      "name": "TruTops Cell 2.54.24",
                      "product_id": "CSAFPID-04002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Cell"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "\u003c=6.2",
                    "product": {
                      "name": "TruTops Mark \u003c=6.2",
                      "product_id": "CSAFPID-05001"
                    }
                  },
                  {
                    "category": "product_version",
                    "name": "6.3",
                    "product": {
                      "name": "TruTops Mark 6.3",
                      "product_id": "CSAFPID-05002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "TruTops Mark"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "TRUMPF SE + Co. KG"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-1285",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "audience": "all",
          "category": "summary",
          "text": "Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-00002",
          "CSAFPID-01002",
          "CSAFPID-02002",
          "CSAFPID-03002",
          "CSAFPID-04002",
          "CSAFPID-05002"
        ],
        "known_affected": [
          "CSAFPID-00001",
          "CSAFPID-01001",
          "CSAFPID-02001",
          "CSAFPID-03001",
          "CSAFPID-04001",
          "CSAFPID-05001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-03-17T11:00:00.000Z",
          "details": "New versions are available for the affected products. Install the new versions as provided by TRUMPF SE + Co. KG. To acquire these versions, please contact your TRUMPF Service and quote PR number 500879.",
          "product_ids": [
            "CSAFPID-00001",
            "CSAFPID-01001",
            "CSAFPID-02001",
            "CSAFPID-03001",
            "CSAFPID-04001",
            "CSAFPID-05001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-00001",
            "CSAFPID-01001",
            "CSAFPID-02001",
            "CSAFPID-03001",
            "CSAFPID-04001",
            "CSAFPID-05001"
          ]
        }
      ],
      "title": "CVE-2018-1285"
    }
  ]
}
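A consumer for the product_tree and product_status sections of the CSAF document above, as an added example that is not part of the advisory or of any CERT@VDE tooling. ADVISORY is a trimmed copy of this document's product tree (two of the six products, same product IDs and version specs), and the installed version strings in the usage are made up. The version-range names in this advisory are plain dotted numbers behind `<=` or `<`, so the comparison handles exactly that form (plus `>` and `>=` for symmetry); CSAF 2.0 does not prescribe a syntax for product_version_range names, so other advisories may need a different comparison.

```python
"""Evaluate a CSAF 2.0 advisory against an installed product version.

Added example, not part of the advisory or of CERT@VDE tooling. ADVISORY is a
trimmed copy of the VDE-2024-004 product_tree and product_status; the installed
versions passed to is_affected() are made up for the demo.
"""
import re

ADVISORY = {
    "product_tree": {
        "branches": [{
            "category": "vendor", "name": "TRUMPF SE + Co. KG",
            "branches": [{
                "category": "product_family", "name": "Software",
                "branches": [
                    {"category": "product_name", "name": "TruTops Boost", "branches": [
                        {"category": "product_version_range", "name": "<=16.0.24",
                         "product": {"name": "TruTops Boost <=16.0.24", "product_id": "CSAFPID-00001"}},
                        {"category": "product_version", "name": "17.0.23",
                         "product": {"name": "TruTops Boost 17.0.23", "product_id": "CSAFPID-00002"}},
                    ]},
                    {"category": "product_name", "name": "TruTops Cell", "branches": [
                        {"category": "product_version_range", "name": "<2.54.24",
                         "product": {"name": "TruTops Cell <2.54.24", "product_id": "CSAFPID-04001"}},
                        {"category": "product_version", "name": "2.54.24",
                         "product": {"name": "TruTops Cell 2.54.24", "product_id": "CSAFPID-04002"}},
                    ]},
                ],
            }],
        }],
    },
    "vulnerabilities": [{
        "cve": "CVE-2018-1285",
        "product_status": {
            "fixed": ["CSAFPID-00002", "CSAFPID-04002"],
            "known_affected": ["CSAFPID-00001", "CSAFPID-04001"],
        },
    }],
}


def index_products(product_tree):
    """Flatten the branch tree into product_id -> (product_name, version spec).

    The product name is taken from the nearest enclosing product_name branch;
    the version spec is the name of the product_version(_range) branch itself.
    """
    index = {}

    def walk(branch, product_name):
        if branch.get("category") == "product_name":
            product_name = branch["name"]
        if "product" in branch:
            index[branch["product"]["product_id"]] = (product_name, branch["name"])
        for child in branch.get("branches", []):
            walk(child, product_name)

    for top in product_tree.get("branches", []):
        walk(top, None)
    return index


def parse_version(text):
    """'16.0.24' -> (16, 0, 24)."""
    return tuple(int(part) for part in text.strip().split("."))


def padded(a, b):
    """Right-pad the shorter tuple with zeros so '16.1' compares as 16.1.0."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))


def spec_matches(spec, installed):
    """spec is a product_version name ('17.0.23') or a product_version_range
    name in the form this advisory uses ('<=16.0.24', '<2.54.24')."""
    m = re.fullmatch(r"\s*(<=|>=|<|>|=)?\s*([0-9]+(?:\.[0-9]+)*)\s*", spec)
    if not m:
        raise ValueError(f"unsupported version spec: {spec!r}")
    op, bound = m.group(1) or "=", m.group(2)
    a, b = padded(parse_version(installed), parse_version(bound))
    return {"=": a == b, "<": a < b, "<=": a <= b, ">": a > b, ">=": a >= b}[op]


def is_affected(advisory, product_name, installed):
    """Return [(cve, status), ...] for every product_status entry whose product
    and version spec cover the installed version. An empty list means the
    advisory makes no statement about that product/version at all."""
    index = index_products(advisory["product_tree"])
    results = []
    for vuln in advisory.get("vulnerabilities", []):
        for status, product_ids in vuln.get("product_status", {}).items():
            for pid in product_ids:
                name, spec = index.get(pid, (None, None))
                if name == product_name and spec_matches(spec, installed):
                    results.append((vuln.get("cve"), status))
    return results


if __name__ == "__main__":
    for product, version in [("TruTops Boost", "16.0.24"), ("TruTops Boost", "17.0.23"),
                             ("TruTops Boost", "16.1"), ("TruTops Cell", "2.54")]:
        print(product, version, "->", is_affected(ADVISORY, product, version) or "not classified")
```

With the real file, `json.load(open("vde-2024-004.json"))` replaces ADVISORY. An empty result is not a clean bill: TruTops Boost 16.1, for instance, sits between the `<=16.0.24` range and the fixed 17.0.23 entry and is simply not classified by this document, which is a question for the vendor rather than a reason to close the ticket.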

