CVE-2013-6440
Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration.
(1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter y (4) SAML Decrypter en Shibboleth OpenSAML-Java anterior a 2.6.1 establece la propiedad expandEntityReferences como "true", lo que permite a atacantes remotos realizar ataques de entidad externa XML (XXE) a través de una declaración XML DOCTYPE manipulada.
It was found that the ParserPool and Decrypter classes in the OpenSAML Java implementation resolved external entities, permitting XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-11-04 CVE Reserved
- 2014-02-13 CVE Published
- 2023-09-27 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-611: Improper Restriction of XML External Entity Reference
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://blog.sendsafely.com/post/69590974866/web-based-single-sign-on-and-the-dangers-of-saml-xml | X_refsource_misc | |
| http://shibboleth.net/community/advisories/secadv_20131213.txt | X_refsource_confirm | |
| https://www.oracle.com/security-alerts/cpujan2022.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2014-0170.html | 2022-02-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-0171.html | 2022-02-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-0172.html | 2022-02-07 | |
| http://rhn.redhat.com/errata/RHSA-2014-0195.html | 2022-02-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1043332 | 2014-12-15 | |
| https://access.redhat.com/security/cve/CVE-2013-6440 | 2014-12-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Internet2 Search vendor "Internet2" | Opensaml Search vendor "Internet2" for product "Opensaml" | 2.0 Search vendor "Internet2" for product "Opensaml" and version "2.0" | - |
Affected
| ||||||
| Internet2 Search vendor "Internet2" | Opensaml Search vendor "Internet2" for product "Opensaml" | 2.1.0 Search vendor "Internet2" for product "Opensaml" and version "2.1.0" | - |
Affected
| ||||||
| Internet2 Search vendor "Internet2" | Opensaml Search vendor "Internet2" for product "Opensaml" | 2.2.0 Search vendor "Internet2" for product "Opensaml" and version "2.2.0" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | <= 2.6.0 Search vendor "Shibboleth" for product "Opensaml" and version " <= 2.6.0" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.4.0 Search vendor "Shibboleth" for product "Opensaml" and version "2.4.0" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.4.1 Search vendor "Shibboleth" for product "Opensaml" and version "2.4.1" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.4.2 Search vendor "Shibboleth" for product "Opensaml" and version "2.4.2" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.4.3 Search vendor "Shibboleth" for product "Opensaml" and version "2.4.3" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.5.0 Search vendor "Shibboleth" for product "Opensaml" and version "2.5.0" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.5.1 Search vendor "Shibboleth" for product "Opensaml" and version "2.5.1" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.5.2 Search vendor "Shibboleth" for product "Opensaml" and version "2.5.2" | - |
Affected
| ||||||
| Shibboleth Search vendor "Shibboleth" | Opensaml Search vendor "Shibboleth" for product "Opensaml" | 2.5.3 Search vendor "Shibboleth" for product "Opensaml" and version "2.5.3" | - |
Affected
| ||||||