CVE-2023-23595

BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported. There is no available information about whether any later version is affected.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://bluecatnetworks.com/integrations/adaptive-application/device-registration-portal-drp/	Product Vendor Advisory
https://everything.curl.dev/usingcurl/netrc	Technical Description Third Party Advisory
https://github.com/colemanjp/XXE-Vulnerability-in-Bluecat-Device-Registration-Portal-DRP	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:bluecatnetworks:device_registration_portal:2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-01-15 07:15

Updated : 2024-02-28 19:51

NVD link : CVE-2023-23595

Mitre link : CVE-2023-23595

CVE.ORG link : CVE-2023-23595

JSON object : View

Products Affected

bluecatnetworks

device_registration_portal

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2023-23595", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-01-15T07:15:08.017", "references": [{"url": "https://bluecatnetworks.com/integrations/adaptive-application/device-registration-portal-drp/", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://everything.curl.dev/usingcurl/netrc", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/colemanjp/XXE-Vulnerability-in-Bluecat-Device-Registration-Portal-DRP", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as \"machine example.com login daniel password qwerty\" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported. There is no available information about whether any later version is affected."}, {"lang": "es", "value": "BlueCat Device Registration Portal 2.2 permite ataques XXE que filtran archivos de una sola l\u00ednea. Un archivo de una sola l\u00ednea puede contener credenciales, como \"machine example.com login daniel password qwerty\" en el ejemplo de documentaci\u00f3n para el formato de archivo .netrc. NOTA: Las versiones 2.x ya no son compatibles. No hay informaci\u00f3n disponible sobre si alguna versi\u00f3n posterior se ve afectada."}], "lastModified": "2023-01-24T16:35:54.763", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bluecatnetworks:device_registration_portal:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BF20D9B-FE3D-441B-8C5F-1A479F10399D"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}