CVE-2023-20855

VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.vmware.com/security/advisories/VMSA-2023-0005.html	Patch Vendor Advisory
https://www.vmware.com/security/advisories/VMSA-2023-0005.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:vmware:vrealize_automation::::::::
	cpe:2.3:a:vmware:vrealize_orchestrator::::::::

History

21 Nov 2024, 07:41

Type	Values Removed	Values Added
References	~~() https://www.vmware.com/security/advisories/VMSA-2023-0005.html - Patch, Vendor Advisory~~	() https://www.vmware.com/security/advisories/VMSA-2023-0005.html - Patch, Vendor Advisory
Summary		(es) VMware vRealize Orchestrator contiene una vulnerabilidad de entidad externa XML (XXE). Un actor malintencionado, con acceso no administrativo a vRealize Orchestrator, puede utilizar entradas especialmente manipuladas para evitar las restricciones de análisis XML que conducen al acceso a información confidencial o a una posible escalada de privilegios.

Information

Published : 2023-02-22 00:15

Updated : 2024-11-21 07:41

NVD link : CVE-2023-20855

Mitre link : CVE-2023-20855

CVE.ORG link : CVE-2023-20855

JSON object : View

Products Affected

vmware

vrealize_orchestrator
vrealize_automation

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2023-20855", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-02-22T00:15:11.513", "references": [{"url": "https://www.vmware.com/security/advisories/VMSA-2023-0005.html", "tags": ["Patch", "Vendor Advisory"], "source": "security@vmware.com"}, {"url": "https://www.vmware.com/security/advisories/VMSA-2023-0005.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges."}, {"lang": "es", "value": "VMware vRealize Orchestrator contiene una vulnerabilidad de entidad externa XML (XXE). Un actor malintencionado, con acceso no administrativo a vRealize Orchestrator, puede utilizar entradas especialmente manipuladas para evitar las restricciones de an\u00e1lisis XML que conducen al acceso a informaci\u00f3n confidencial o a una posible escalada de privilegios."}], "lastModified": "2024-11-21T07:41:42.180", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA060EA5-4972-4843-B786-CC7EB1BBC25E", "versionEndExcluding": "8.11.1", "versionStartIncluding": "8.0"}, {"criteria": "cpe:2.3:a:vmware:vrealize_orchestrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3771C890-95D8-4861-A551-46D2E7F4BA88", "versionEndExcluding": "8.11.1", "versionStartIncluding": "8.0"}], "operator": "OR"}]}], "sourceIdentifier": "security@vmware.com"}