CVE-2018-11758
 
Public Exploits: 0
Exploited in Wild: -
Descriptions
This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1 and 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne, intended for editing Cayenne ORM models stored as XML files. If an attacker tricks a CayenneModeler user into opening a malicious XML file, the attacker can make the XML parser built into CayenneModeler transfer files from the user's machine to a remote machine under the attacker's control. The root cause is that the XML parser processed XML External Entity (XXE) declarations included in the document. The vulnerability is addressed in Cayenne by disabling XXE processing in all operations that require XML parsing.
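The defect described above is a parser honouring the entity declarations it finds in an untrusted file. The Python program below is added here as an illustration; it is not code from Apache Cayenne or CayenneModeler (which are Java) and does not reproduce Cayenne's model format. It puts the two parser configurations side by side: one with external general entity resolution switched on, which inlines a local file into the parsed document, and one that refuses any DOCTYPE and keeps entity resolution off, which is the class of fix the advisory describes. The element names, the `data-map` layout and the secret file are constructed for the example. The advisory's transfer of files to a remote host relies on the same entity-resolution mechanism pointed at a network system identifier; this example keeps everything on local disk so it runs offline. On Java's SAX and DOM parser factories the corresponding settings are the `http://apache.org/xml/features/disallow-doctype-decl` feature set to true and the `http://xml.org/sax/features/external-general-entities` and `external-parameter-entities` features set to false.

```python
"""XXE (CWE-611) in a model-file loader: vulnerable vs hardened parser setup."""
import io
import os
import tempfile
import xml.sax
from xml.sax import handler
from xml.sax.handler import feature_external_ges, property_lexical_handler


class UnsafeXmlError(Exception):
    """A model file carried a DOCTYPE; model files never need one, so refuse it."""


class TextCollector(handler.ContentHandler):
    """Collects character data so we can see what the parser inlined."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)


class DoctypeRejector:
    """SAX2 LexicalHandler whose only job is to abort on the first DOCTYPE.

    expat reports the DTD before it resolves anything, so raising here stops
    every entity declaration in the file from taking effect.
    """

    def startDTD(self, name, public_id, system_id):
        raise UnsafeXmlError(f"DOCTYPE '{name}' rejected: DTDs are not permitted")

    def endDTD(self):
        pass

    def startCDATA(self):
        pass

    def endCDATA(self):
        pass

    def comment(self, content):
        pass


def build_model_file(secret_path):
    """Constructed sample (hypothetical layout, not Cayenne's real model format):
    declares an external entity pointing at a file on the victim's disk and
    references it from element content."""
    return (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        "<!DOCTYPE data-map [\n"
        f'  <!ENTITY leak SYSTEM "{secret_path}">\n'
        "]>\n"
        '<data-map><property name="defaultPackage">&leak;</property></data-map>'
    ).encode("utf-8")


def parse_vulnerable(xml_bytes):
    """Parser that honours <!ENTITY ... SYSTEM ...>: the CWE-611 state.

    Current Python versions disable external general entities by default, so the
    feature is switched on explicitly to reproduce a parser that resolves them."""
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, True)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.parts)


def parse_hardened(xml_bytes):
    """Same loader with the class of fix the advisory describes: no DTD, no entities.

    Two layers: reject any DOCTYPE outright, and keep external entity resolution
    off so a DTD could not pull in files even if the first check were bypassed."""
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, False)
    parser.setProperty(property_lexical_handler, DoctypeRejector())
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.parts)


def demo():
    """Write a constructed secret to a temp file, then open a model that reads it.

    Returns (text the vulnerable parser inlined, whether the hardened parser refused)."""
    with tempfile.TemporaryDirectory() as workdir:
        secret_path = os.path.join(workdir, "db-password.txt")
        with open(secret_path, "w", encoding="utf-8") as fh:
            fh.write("s3cret-db-password")  # constructed secret, not real data
        model = build_model_file(secret_path)

        leaked = parse_vulnerable(model)  # the file's contents land in the document
        try:
            parse_hardened(model)
            blocked = False
        except UnsafeXmlError:
            blocked = True
    return leaked, blocked


if __name__ == "__main__":
    leaked_text, was_blocked = demo()
    print("vulnerable parser inlined:", repr(leaked_text))
    print("hardened parser rejected the file:", was_blocked)
```

The hardened loader still parses an ordinary DOCTYPE-free model unchanged, which is the property to check after applying this kind of fix to a real tool: reject the declaration, not the documents users actually need.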
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-06-05 CVE Reserved
- 2018-08-22 CVE Published
- 2024-09-16 CVE Updated
- 2024-12-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-611: Improper Restriction of XML External Entity Reference
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/105142 | Third Party Advisory | |
https://lists.apache.org/thread.html/ed60a4d329be3c722f105317ca883986dfcd17615c70d1df87f4528c%40%3Cuser.cayenne.apache.org%3E | Mailing List | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Apache | Cayenne | <= 3.1.0 | - | Affected |
Apache | Cayenne | 3.1.1 | - | Affected |
Apache | Cayenne | 3.1.2 | - | Affected |
Apache | Cayenne | 3.2 | milestone1 | Affected |
Apache | Cayenne | 4.0 | beta1 | Affected |
Apache | Cayenne | 4.0 | beta2 | Affected |
Apache | Cayenne | 4.0 | milestone2 | Affected |
Apache | Cayenne | 4.0 | milestone3 | Affected |
Apache | Cayenne | 4.0 | milestone4 | Affected |
Apache | Cayenne | 4.0 | milestone5 | Affected |
Apache | Cayenne | 4.0 | rc1 | Affected |
Apache | Cayenne | 4.1 | milestone1 | Affected |