CVE-2017-12623

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://nifi.apache.org/security.html#CVE-2017-12623	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:nifi:1.0.0:::::::*
	cpe:2.3:a:apache:nifi:1.0.1:::::::*
	cpe:2.3:a:apache:nifi:1.1.0:::::::*
	cpe:2.3:a:apache:nifi:1.1.1:::::::*
	cpe:2.3:a:apache:nifi:1.1.2:::::::*
	cpe:2.3:a:apache:nifi:1.2.0:::::::*
	cpe:2.3:a:apache:nifi:1.3.0:::::::*

History

No history.

Information

Published : 2017-10-10 18:29

Updated : 2017-11-05 21:11

NVD link : CVE-2017-12623

Mitre link : CVE-2017-12623

CVE.ORG link : CVE-2017-12623

JSON object : View

Products Affected

apache

nifi

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2017-12623", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2017-10-10T18:29:00.197", "references": [{"url": "https://nifi.apache.org/security.html#CVE-2017-12623", "tags": ["Vendor Advisory"], "source": "security@apache.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. The fix to properly handle XML External Entities was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release."}, {"lang": "es", "value": "Un usuario autorizado podr\u00eda subir una plantilla que contenga c\u00f3digo malicioso y que acceda a archivos sensibles mediante un ataque XEE (XML External Entity). La soluci\u00f3n para manejar entidades externas XML se aplic\u00f3 en la distribuci\u00f3n 1.4.0 de Apache NiFi. Los usuarios que ejecuten una distribuci\u00f3n 1.x anterior deben actualizarla a la distribuci\u00f3n adecuada."}], "lastModified": "2017-11-05T21:11:53.913", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:nifi:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C028889E-44E8-4E54-9585-BF9B0EED5A9A"}, {"criteria": "cpe:2.3:a:apache:nifi:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06D38C76-98D2-41F1-9F0B-CEE05215AB4A"}, {"criteria": "cpe:2.3:a:apache:nifi:1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01B8572D-CA8D-4A41-B94A-A393A22B5B9D"}, {"criteria": "cpe:2.3:a:apache:nifi:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76FDA5E5-6A45-4979-9317-75623A59089F"}, {"criteria": "cpe:2.3:a:apache:nifi:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF1BEC26-CB83-4209-893D-5EA6E08A0C4B"}, {"criteria": "cpe:2.3:a:apache:nifi:1.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A509533F-ACD6-4290-BE2E-3EDBED60D43B"}, {"criteria": "cpe:2.3:a:apache:nifi:1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A169A8CB-29A5-4C44-AEF9-8995C9239874"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}