CVE-2018-11758

This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a user of CayenneModeler into opening a malicious XML file, the attacker will be able to instruct the XML parser built into CayenneModeler to transfer files from a local machine to a remote machine controlled by the attacker. The cause of the issue is XML parser processing XML External Entity (XXE) declarations included in XML. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing.

CVSS v3 8.1 HIGH
CVSS v2.0 5.8 MEDIUM

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/105142	Third Party Advisory VDB Entry
https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:cayenne::::::::
	cpe:2.3:a:apache:cayenne:3.1.1:::::::*
	cpe:2.3:a:apache:cayenne:3.1.2:::::::*
	cpe:2.3:a:apache:cayenne:3.2:milestone1::::::
	cpe:2.3:a:apache:cayenne:4.0:beta1::::::
	cpe:2.3:a:apache:cayenne:4.0:beta2::::::
	cpe:2.3:a:apache:cayenne:4.0:milestone2::::::
	cpe:2.3:a:apache:cayenne:4.0:milestone3::::::
	cpe:2.3:a:apache:cayenne:4.0:milestone4::::::
	cpe:2.3:a:apache:cayenne:4.0:milestone5::::::
	cpe:2.3:a:apache:cayenne:4.0:rc1::::::
	cpe:2.3:a:apache:cayenne:4.1:milestone1::::::

History

07 Nov 2023, 02:51

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c@%3Cuser.cayenne.apache.org%3E', 'name': '[cayenne-user] 20180822 CVE-2018-11758: Apache Cayenne XXE Vulnerability in CayenneModeler GUI tool', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E -

Information

Published : 2018-08-22 20:29

Updated : 2024-02-28 16:48

NVD link : CVE-2018-11758

Mitre link : CVE-2018-11758

CVE.ORG link : CVE-2018-11758

JSON object : View

Products Affected

apache

cayenne

CWE

CWE-611

Improper Restriction of XML External Entity Reference

8.1 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.8 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2018-11758

8.1^/10

5.8^/10

Attach tags to `CVE-2018-11758`