Vulnerabilities > CVE-2020-9354 - XML Entity Expansion vulnerability in Smartclient 12.0

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

smartclient

CWE-776

NVD

Published: 2020-02-23

Updated: 2021-07-21

Summary

An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path traversal.

Vulnerable Configurations

Part	Description	Count
Application	Smartclient Smartclient Smartclient 12.0	1

Common Weakness Enumeration (CWE)

CWE-776 - Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

References

https://seclists.org/fulldisclosure/2020/Feb/18