CVE-2013-6429 : The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 an

The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.

Published 2014-01-26 16:58:11

Updated 2022-04-11 17:16:27

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Cross-site request forgery (CSRF)XML external entity (XXE) injectionDenial of service

Products affected by CVE-2013-6429

Vmware » Spring Framework » Version: 4.0.0 Update RC1
cpe:2.3:a:vmware:spring_framework:4.0.0:rc1:*:*:*:*:*:*
Matching versions
Vmware » Spring Framework » Version: 4.0.0 Update Milestone2
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone2:*:*:*:*:*:*
Matching versions
Vmware » Spring Framework » Version: 4.0.0 Update Milestone1
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone1:*:*:*:*:*:*
Matching versions
Pivotal Software » Spring Framework
Versions from including (>=) 3.0.0 and up to, including, (<=) 3.2.4
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-6429

EPSS FAQ

86.17%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-6429

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2013-6429

CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Assigned by: nvd@nist.gov (Primary)
CWE-611 Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-6429

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

HPSBGN03669 rev.2 - HPE SiteScope, Local Elevation of Privilege, Remote Denial of Service, Arbitrary Code Execution and Cross-Site Request Forgery
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0400.html

RHSA-2014:0400 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.gopivotal.com/security/cve-2013-6429

CVE-2013-6429 Fix for XML External Entity (XXE) Injection (CVE-2013-7315) in Spring Framework was Incomplete | Security | Pivotal
Third Party Advisory
http://www.securityfocus.com/bid/64947

Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities
Third Party Advisory;VDB Entry
http://www.securityfocus.com/archive/1/530770/100/0/threaded

SecurityFocus
Third Party Advisory;VDB Entry
https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel

[SPR-11078] Disable the processing of external entities in SourceHttpMessageConverter by default - Spring JIRA
Third Party Advisory;Vendor Advisory

Jump to

Vulnerability Details : CVE-2013-6429

Products affected by CVE-2013-6429

Exploit prediction scoring system (EPSS) score for CVE-2013-6429

CVSS scores for CVE-2013-6429

CWE ids for CVE-2013-6429

References for CVE-2013-6429