CVE-2018-19858

{"id": "CVE-2018-19858", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2019-01-30T15:29:06.490", "references": [{"url": "https://hacking.us.com/blog/XSS-to-XXE-in-Prince/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.lynxsecurity.io/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.youtube.com/watch?v=-7YIzYtWhzM", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://hacking.us.com/blog/XSS-to-XXE-in-Prince/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.lynxsecurity.io/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.youtube.com/watch?v=-7YIzYtWhzM", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities. If an attacker passes HTML referencing an XML file (e.g., in an IFRAME element), PrinceXML will fetch the XML and parse it, thus giving an attacker file-read access and full-fledged SSRF."}, {"lang": "es", "value": "PrinceXML, en versiones 10 y anteriores, es vulnerable a XEE (XML External Entity) debido a la falta de una protecci\u00f3n contra entidades externas. Si un atacante env\u00eda HTML haciendo referencia a un archivo XML (p.ej., en un elemento IFRAME), PrinceXML recuperar\u00e1 dicho XML y lo analizar\u00e1, proporcionando al atacante el acceso para leer archivos y para realizar un Server-Side Request Forgery (SSRF) plenamente desarrollado."}], "lastModified": "2024-11-21T03:58:41.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:princexml:princexml:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20B2352F-1580-45C9-B381-AE5528F75851", "versionEndIncluding": "10.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}