HTTP: Multiple Product XML External Entity Injection

This signature detects attempts to exploit a known vulnerability through External Entity Injection in various products. A successful attack can lead to unauthorized information disclosure, denial of service, request forgery, and security policy bypass.

Extended Description

Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632.

Affected Products

Apache cxf

References

BugTraq: 65466 104377 65051

CVE: CVE-2023-46265

URL:

https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140218-0_Symantec_Endpoint_Protection_Multiple_critical_vulnerabilities_wo_poc_v10.txt

http://www.zerodayinitiative.com/advisories/zdi-18-541/

http://www.zerodayinitiative.com/advisories/zdi-18-542/

http://www.zerodayinitiative.com/advisories/zdi-18-543/

http://www.zerodayinitiative.com/advisories/zdi-18-544/

http://www.zerodayinitiative.com/advisories/zdi-18-545/

https://www.veeam.com/kb3221

http://www.zerodayinitiative.com/advisories/ZDI-20-822/

http://www.zerodayinitiative.com/advisories/ZDI-20-1102/

https://www.support.nec.co.jp/en/View.aspx?id=9510100319

https://success.trendmicro.com/solution/000279833

https://wordpress.org/news/2021/04/wordpress-5-7-1-security-and-maintenance-release/

http://www.zerodayinitiative.com/advisories/ZDI-22-508/

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20140213_00

http://www.zerodayinitiative.com/advisories/ZDI-23-1167/

https://download.wavelink.com/Files/avalanche_v6.4.1.236-250_release_notes.txt

http://www.zerodayinitiative.com/advisories/ZDI-24-054/

Short Name
HTTP:XML-EXTERNAL-ENTITY-INJ
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-2076 CVE-2012-4399 CVE-2013-5014 CVE-2013-5015 CVE-2013-6429 CVE-2013-6447 CVE-2014-0002 CVE-2014-0423 CVE-2014-3490 CVE-2015-0975 CVE-2015-1833 CVE-2015-1883 CVE-2015-2125 CVE-2015-3269 CVE-2015-3960 CVE-2016-6220 CVE-2018-10613 CVE-2018-1259 CVE-2018-8010 CVE-2019-17554 CVE-2019-18227 CVE-2020-15419 CVE-2020-17408 CVE-2020-27017 CVE-2020-4463 CVE-2021-21658 CVE-2021-29447 CVE-2023-32567 CVE-2023-46265 Entity External Injection Multiple Product XML bid:104377 bid:65051 bid:65466
Release Date
03/24/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3692
False Positive
Unknown
Vendors

Apache

CVSS Score

7.5

5.5

7.8

4.0

5.0

6.4

4.3

6.8

2.1

6.5
