CVE-2023-49110

{"id": "CVE-2023-49110", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-06-20T13:15:49.250", "references": [{"url": "https://r.sec-consult.com/kiuwan", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"}, {"url": "https://www.kiuwan.com/docs/display/K5/%5B2024-05-30%5D+Change+Log", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "When the Kiuwan Local Analyzer uploads the scan results to the Kiuwan SAST web \napplication (either on-premises or cloud/SaaS solution), the transmitted data \nconsists of a ZIP archive containing several files, some of them in the \nXML file format. During Kiuwan's server-side processing of these XML \nfiles, it resolves external XML entities, resulting in a XML external \nentity injection attack.\u00a0An attacker with privileges to scan \nsource code within the \"Code Security\" module is able to extract any \nfiles of the operating system with the rights of the application server \nuser and is potentially able to gain sensitive files, such as \nconfiguration and passwords. Furthermore, this vulnerability also allows\n an attacker to initiate connections to internal systems, e.g. for port \nscans or accessing other internal functions / applications such as the \nWildfly admin console of Kiuwan.\n\nThis issue affects Kiuwan SAST: <master.1808.p685.q13371"}, {"lang": "es", "value": "Cuando Kiuwan Local Analyzer carga los resultados del escaneo en la aplicaci\u00f3n web Kiuwan SAST (ya sea local o en la nube/soluci\u00f3n SaaS), los datos transmitidos constan de un archivo ZIP que contiene varios archivos, algunos de ellos en formato de archivo XML. Durante el procesamiento del lado del servidor de estos archivos XML por parte de Kiuwan, resuelve entidades XML externas, lo que resulta en un ataque de inyecci\u00f3n de entidades externas XML. Un atacante con privilegios para escanear el c\u00f3digo fuente dentro del m\u00f3dulo \"C\u00f3digo de seguridad\" puede extraer cualquier archivo del sistema operativo con los derechos del usuario del servidor de aplicaciones y potencialmente puede obtener archivos confidenciales, como configuraci\u00f3n y contrase\u00f1as. Adem\u00e1s, esta vulnerabilidad tambi\u00e9n permite a un atacante iniciar conexiones a sistemas internos, por ejemplo, para escanear puertos o acceder a otras funciones/aplicaciones internas, como la consola de administraci\u00f3n Wildfly de Kiuwan. Este problema afecta a Kiuwan SAST: "}], "lastModified": "2024-07-03T01:42:26.413", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf"}