Vulnerabilities > CVE-2018-1259 - XXE vulnerability in multiple products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

pivotal-software

xmlbeam

CWE-611

NVD

Published: 2018-05-11

Updated: 2022-07-25

Summary

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system.

Vulnerable Configurations

Part	Description	Count
Application	Pivotal_Software Pivotal Software Spring Data Commons 1.13.0 Pivotal Software Spring Data Commons 1.13.1 Pivotal Software Spring Data Commons 1.13.2 Pivotal Software Spring Data Commons 1.13.3 Pivotal Software Spring Data Commons 1.13.4 Pivotal Software Spring Data Commons 1.13.5 Pivotal Software Spring Data Commons 1.13.6 Pivotal Software Spring Data Commons 1.13.7 Pivotal Software Spring Data Commons 1.13.8 Pivotal Software Spring Data Commons 1.13.9 Pivotal Software Spring Data Commons 1.13.10 Pivotal Software Spring Data Commons 1.13.11 Pivotal Software Spring Data Commons 2.0.0 Pivotal Software Spring Data Commons 2.0.1 Pivotal Software Spring Data Commons 2.0.2 Pivotal Software Spring Data Commons 2.0.3 Pivotal Software Spring Data Commons 2.0.4 Pivotal Software Spring Data Commons 2.0.5 Pivotal Software Spring Data Commons 2.0.6 Pivotal Software Spring Data Rest 2.6.0 Pivotal Software Spring Data Rest 2.6.1 Pivotal Software Spring Data Rest 2.6.2 Pivotal Software Spring Data Rest 2.6.3 Pivotal Software Spring Data Rest 2.6.4 Pivotal Software Spring Data Rest 2.6.5 Pivotal Software Spring Data Rest 2.6.6 Pivotal Software Spring Data Rest 2.6.7 Pivotal Software Spring Data Rest 2.6.8 Pivotal Software Spring Data Rest 2.6.9 Pivotal Software Spring Data Rest 2.6.10 Pivotal Software Spring Data Rest 2.6.11 Pivotal Software Spring Data Rest 3.0.0 Pivotal Software Spring Data Rest 3.0.1 Pivotal Software Spring Data Rest 3.0.2 Pivotal Software Spring Data Rest 3.0.3 Pivotal Software Spring Data Rest 3.0.4 Pivotal Software Spring Data Rest 3.0.5 Pivotal Software Spring Data Rest 3.0.6	56
Application	Xmlbeam Xmlbeam Xmlbeam 1.0 Xmlbeam Xmlbeam 1.1 Xmlbeam Xmlbeam 1.1.1 Xmlbeam Xmlbeam 1.1.2 Xmlbeam Xmlbeam 1.1.3 Xmlbeam Xmlbeam 1.1.4 Xmlbeam Xmlbeam 1.2.0 Xmlbeam Xmlbeam 1.2.1 Xmlbeam Xmlbeam 1.3.0 Xmlbeam Xmlbeam 1.4.0 Xmlbeam Xmlbeam 1.4.1 Xmlbeam Xmlbeam 1.4.2 Xmlbeam Xmlbeam 1.4.3 Xmlbeam Xmlbeam 1.4.4 Xmlbeam Xmlbeam 1.4.5 Xmlbeam Xmlbeam 1.4.6 Xmlbeam Xmlbeam 1.4.7 Xmlbeam Xmlbeam 1.4.8 Xmlbeam Xmlbeam 1.4.9 Xmlbeam Xmlbeam 1.4.10 Xmlbeam Xmlbeam 1.4.11 Xmlbeam Xmlbeam 1.4.12 Xmlbeam Xmlbeam 1.4.13 Xmlbeam Xmlbeam 1.4.14	24

Common Weakness Enumeration (CWE)

CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

D2sec

name	Pivotal Spring Data Commons / Spring Data REST XXE File Disclosure
url	http://www.d2sec.com/exploits/pivotal_spring_data_commons___spring_data_rest_xxe_file_disclosure.html

Redhat

advisories

rhsa
id RHSA-2018:1809
rhsa
id RHSA-2018:3768

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

D2sec

Redhat

References