CWE-611
Improper Restriction of XML External Entity Reference
Description
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-221
CVEs mapped to this weakness (684)
page 2 of 35| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-7098 | Cri | 0.64 | 9.8 | 0.00 | Sep 16, 2024 | Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2. | ||
| CVE-2018-17411 | Cri | 0.64 | 9.8 | 0.02 | Sep 26, 2018 | An XML External Entity (XXE) vulnerability exists in iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20. | ||
| CVE-2018-10600 | Cri | 0.64 | 9.8 | 0.02 | Jul 24, 2018 | SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks. | ||
| CVE-2018-1000616 | Cri | 0.64 | 9.8 | 0.01 | Jul 9, 2018 | ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml() that can result in An adversary can remotely launch XXE attacks on ONOS… | ||
| CVE-2018-1000614 | Cri | 0.64 | 9.8 | 0.02 | Jul 9, 2018 | ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks… | ||
| CVE-2017-3208 | Cri | 0.64 | 9.8 | 0.04 | Jun 11, 2018 | The Java implementation of AMF3 deserializers used by WebORB for Java by Midnight Coders, version 5.1.1.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive… | ||
| CVE-2017-3206 | Cri | 0.64 | 9.8 | 0.04 | Jun 11, 2018 | The Java implementation of AMF3 deserializers used by Flamingo amf-serializer by Exadel, version 2.2.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive data… | ||
| CVE-2018-1183 | Cri | 0.64 | 9.8 | 0.02 | Apr 30, 2018 | In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX… | ||
| CVE-2018-6489 | Cri | 0.64 | 9.8 | 0.01 | Feb 22, 2018 | XML External Entity (XXE) vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity (XXE) | ||
| CVE-2017-7375 | — | Cri | 0.64 | 9.8 | 0.03 | Feb 19, 2018 | A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack… | |
| CVE-2014-3244 | Cri | 0.64 | 9.8 | 0.05 | Feb 1, 2018 | XML external entity (XXE) vulnerability in the RSSDashlet dashlet in SugarCRM before 6.5.17 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. | ||
| CVE-2014-3005 | Cri | 0.64 | 9.8 | 0.05 | Feb 1, 2018 | XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. | ||
| CVE-2017-1000497 | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2018 | Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution | ||
| CVE-2014-3630 | Cri | 0.64 | 9.8 | 0.03 | Dec 29, 2017 | XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data. | ||
| CVE-2017-14101 | Cri | 0.64 | 9.8 | 0.01 | Dec 15, 2017 | A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP… | ||
| CVE-2014-9487 | Cri | 0.64 | 9.8 | 0.02 | Oct 17, 2017 | The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. NOTE: Related to CVE-2014-2053. | ||
| CVE-2017-14759 | Cri | 0.64 | 9.8 | 0.01 | Oct 3, 2017 | OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is… | ||
| CVE-2017-12620 | Cri | 0.64 | 9.8 | 0.03 | Oct 3, 2017 | When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to… | ||
| CVE-2017-12621 | Cri | 0.64 | 9.8 | 0.09 | Sep 28, 2017 | During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a "SYSTEM" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. This could lead to XML… | ||
| CVE-2017-9458 | Cri | 0.64 | 9.8 | 0.02 | Sep 7, 2017 | XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a… |
- risk 0.64cvss 9.8epss 0.00
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection. This issue affects ww.Winsure: before 4.6.2.
- risk 0.64cvss 9.8epss 0.02
An XML External Entity (XXE) vulnerability exists in iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20.
- risk 0.64cvss 9.8epss 0.02
SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks.
- risk 0.64cvss 9.8epss 0.01
ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml() that can result in An adversary can remotely launch XXE attacks on ONOS…
- risk 0.64cvss 9.8epss 0.02
ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks…
- risk 0.64cvss 9.8epss 0.04
The Java implementation of AMF3 deserializers used by WebORB for Java by Midnight Coders, version 5.1.1.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive…
- risk 0.64cvss 9.8epss 0.04
The Java implementation of AMF3 deserializers used by Flamingo amf-serializer by Exadel, version 2.2.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive data…
- risk 0.64cvss 9.8epss 0.02
In Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.8, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.8, Dell EMC VASA Provider Virtual Appliance versions prior to 8.4.0.512, Dell EMC SMIS versions prior to 8.4.0.6, Dell EMC VMAX…
- risk 0.64cvss 9.8epss 0.01
XML External Entity (XXE) vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability can be exploited to allow XML External Entity (XXE)
- risk 0.64cvss 9.8epss 0.03
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack…
- risk 0.64cvss 9.8epss 0.05
XML external entity (XXE) vulnerability in the RSSDashlet dashlet in SugarCRM before 6.5.17 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
- risk 0.64cvss 9.8epss 0.05
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
- risk 0.64cvss 9.8epss 0.03
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
- risk 0.64cvss 9.8epss 0.03
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.
- risk 0.64cvss 9.8epss 0.01
A security researcher found an XML External Entity (XXE) vulnerability on the Conserus Image Repository archive solution version 2.1.1.105 by McKesson Medical Imaging Company, which is now a Change Healthcare company. An unauthenticated user supplying a modified HTTP SOAP…
- risk 0.64cvss 9.8epss 0.02
The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. NOTE: Related to CVE-2014-2053.
- risk 0.64cvss 9.8epss 0.01
OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is…
- risk 0.64cvss 9.8epss 0.03
When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to…
- risk 0.64cvss 9.8epss 0.09
During Jelly (xml) file parsing with Apache Xerces, if a custom doctype entity is declared with a "SYSTEM" entity with a URL and that entity is used in the body of the Jelly file, during parser instantiation the parser will attempt to connect to said URL. This could lead to XML…
- risk 0.64cvss 9.8epss 0.02
XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a…