CVE-2022-40705

** UNSUPPORTED WHEN ASSIGNED ** An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/09/22/1	Mailing List Third Party Advisory
https://lists.apache.org/thread/02yo04w93rdjmllz4454lvodn5xzhwhl	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:apache:soap:*:*:*:*:*:*:*:*

History

07 Mar 2023, 22:11

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-22 09:15

Updated : 2024-08-03 13:15

NVD link : CVE-2022-40705

Mitre link : CVE-2022-40705

CVE.ORG link : CVE-2022-40705

JSON object : View

Products Affected

apache

soap

CWE

CWE-611

Improper Restriction of XML External Entity Reference

{"id": "CVE-2022-40705", "cveTags": [{"tags": ["unsupported-when-assigned"], "sourceIdentifier": "security@apache.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-09-22T09:15:09.790", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/09/22/1", "tags": ["Mailing List", "Third Party Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread/02yo04w93rdjmllz4454lvodn5xzhwhl", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-611"}]}, {"type": "Secondary", "source": "security@apache.org", "description": [{"lang": "en", "value": "CWE-611"}]}], "descriptions": [{"lang": "en", "value": "An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This vulnerability only affects products that are no longer supported by the maintainer"}, {"lang": "es", "value": "** NO SOPORTADO CUANDO SE ASIGN\u00d3** Una vulnerabilidad de Restricci\u00f3n Inapropiada de Referencia de Entidad Externa XML en RPCRouterServlet de Apache SOAP permite a un atacante leer archivos arbitrarios a trav\u00e9s de HTTP. Este problema afecta a versiones 2.2 y posteriores de Apache SOAP. Es desconocido si las versiones anteriores tambi\u00e9n est\u00e1n afectadas. NOTA: Esta vulnerabilidad s\u00f3lo afecta a productos que ya no son soportados por el mantenedor"}], "lastModified": "2024-08-03T13:15:33.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:soap:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93D900DD-661A-44C2-864E-6A70D9A74D69", "versionStartIncluding": "2.2"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}