CVE-2019-18213

XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML Language Support (aka vscode-xml) before 0.9.1 for Visual Studio and other products, allows XXE via a crafted XML document, with resultant SSRF (as well as SMB connection initiation that can lead to NetNTLM challenge/response capture for password cracking). This occurs in extensions/contentmodel/participants/diagnostics/LSPXMLParserConfiguration.java.
Configurations

Configuration 1 (hide)

cpe:2.3:a:xml_language_server_project:xml_server_project:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:eclipse:wild_web_developer:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:theia_xml_extension_project:theia_xml_extension:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:32

Type Values Removed Values Added
References () https://github.com/angelozerr/lsp4xml/ - Product () https://github.com/angelozerr/lsp4xml/ - Product
References () https://github.com/angelozerr/lsp4xml/blob/master/CHANGELOG.md#others - Release Notes, Third Party Advisory () https://github.com/angelozerr/lsp4xml/blob/master/CHANGELOG.md#others - Release Notes, Third Party Advisory
References () https://github.com/angelozerr/lsp4xml/pull/566 - Patch, Third Party Advisory () https://github.com/angelozerr/lsp4xml/pull/566 - Patch, Third Party Advisory
References () https://github.com/redhat-developer/vscode-xml/ - Patch, Third Party Advisory () https://github.com/redhat-developer/vscode-xml/ - Patch, Third Party Advisory
References () https://marketplace.visualstudio.com/items?itemName=redhat.vscode-xml - Third Party Advisory () https://marketplace.visualstudio.com/items?itemName=redhat.vscode-xml - Third Party Advisory
References () https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/ - Exploit, Third Party Advisory () https://www.shielder.it/blog/dont-open-that-xml-xxe-to-rce-in-xml-plugins-for-vs-code-eclipse-theia/ - Exploit, Third Party Advisory

Information

Published : 2019-10-23 22:15

Updated : 2024-11-21 04:32


NVD link : CVE-2019-18213

Mitre link : CVE-2019-18213

CVE.ORG link : CVE-2019-18213


JSON object : View

Products Affected

xml_language_server_project

  • xml_server_project

eclipse

  • wild_web_developer

theia_xml_extension_project

  • theia_xml_extension
CWE
CWE-611

Improper Restriction of XML External Entity Reference