Vulnerability Details: CVE-2016-10149
XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response.
Vulnerability category: XML external entity (XXE) injection
Products affected by CVE-2016-10149
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:pysaml2_project:pysaml2:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-10149
- 0.32%: probability of exploitation activity in the next 30 days
- ~66%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-10149
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST |
CWE ids for CVE-2016-10149
- The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. Assigned by: nvd@nist.gov (Primary)
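A SAML request or response never legitimately needs a DTD, so the usual mitigation for this weakness class is to refuse any message that carries a DOCTYPE, entity declaration or external entity reference before it reaches the XML parser. The following is an added example written for this page to illustrate that pre-flight check in Python (PySAML2's language); it is not PySAML2's own code or the project's fix. The two SAML messages are constructed samples, and the `SYSTEM` URI in the second one is a placeholder.

```python
"""Pre-flight check that rejects SAML messages carrying a DTD before parsing.

Added example for this page; not code from PySAML2 or from its fix.
"""
import xml.etree.ElementTree as ET
import xml.parsers.expat as expat


class UnsafeXML(ValueError):
    """Raised when a document contains DTD constructs that SAML never needs."""


def reject_dtd(data: bytes) -> None:
    """Scan the document with expat handlers that abort on any DTD construct.

    expat itself never fetches external entities, so this scan has no side
    effects; it only reveals whether the document *tries* to declare or
    reference them. A handler exception propagates out of Parse().
    """
    parser = expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXML(f"DOCTYPE declaration is not allowed (root: {name!r})")

    def on_entity_decl(name, is_parameter, value, base, sysid, pubid, notation):
        raise UnsafeXML(f"entity declaration is not allowed: {name!r}")

    def on_external_ref(context, base, sysid, pubid):
        raise UnsafeXML(f"external entity reference is not allowed: {sysid!r}")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_ref
    parser.Parse(data, True)


def parse_saml_safely(data: bytes) -> ET.Element:
    """Parse a SAML message only after confirming it carries no DTD."""
    reject_dtd(data)
    return ET.fromstring(data)


def classify(data: bytes) -> str:
    """Return 'ok' for a parseable DTD-free document, else the rejection reason."""
    try:
        parse_saml_safely(data)
    except UnsafeXML as exc:
        return f"rejected: {exc}"
    except (ET.ParseError, expat.ExpatError) as exc:
        return f"malformed: {exc}"
    return "ok"


# Constructed sample: a minimal well-formed SAML Response skeleton (not a real IdP message).
BENIGN_RESPONSE = b"""<?xml version="1.0" encoding="UTF-8"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_example" Version="2.0" IssueInstant="2017-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
</samlp:Response>
"""

# Constructed sample: the same skeleton with a DTD declaring an external entity.
# The SYSTEM URI is a placeholder; the check fires on the DOCTYPE itself,
# before any entity is ever referenced or resolved.
DTD_RESPONSE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE samlp:Response [
  <!ENTITY ext SYSTEM "file:///placeholder/local/path">
]>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_example" Version="2.0" IssueInstant="2017-01-01T00:00:00Z">
  <saml:Issuer>&ext;</saml:Issuer>
</samlp:Response>
"""

if __name__ == "__main__":
    print("benign:", classify(BENIGN_RESPONSE))
    print("with DTD:", classify(DTD_RESPONSE))
```

Because the check rejects the DOCTYPE outright rather than inspecting individual entities, it also stops the internal entity expansion (denial of service) variant that one of the references below mentions, and it does so without depending on which parser features the downstream library enables.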
References for CVE-2016-10149
- http://www.openwall.com/lists/oss-security/2017/01/19/5 : oss-security - Re: CVE request: python-pysaml2 XML external entity attack (Mailing List; Patch; Third Party Advisory)
- https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b : Fix XXE in XML parsing (related to #366) · IdentityPython/pysaml2@6e09a25 · GitHub (Issue Tracking; Patch; Third Party Advisory)
- https://github.com/rohe/pysaml2/pull/379 : Fix XXE in XML parsing (related to #366) by fruechel · Pull Request #379 · IdentityPython/pysaml2 · GitHub (Issue Tracking; Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:0936 : RHSA-2017:0936 - Security Advisory - Red Hat Customer Portal
- https://github.com/rohe/pysaml2/issues/366 : PySAML vulnerable to XXE · Issue #366 · IdentityPython/pysaml2 · GitHub (Issue Tracking; Patch; Third Party Advisory)
- http://www.debian.org/security/2017/dsa-3759 : Debian -- Security Information -- DSA-3759-1 python-pysaml2 (Third Party Advisory)
- http://www.securityfocus.com/bid/97692 : python-pysaml2 CVE-2016-10149 XML Entity Expansion Denial of Service Vulnerability
- https://access.redhat.com/errata/RHSA-2017:0937 : RHSA-2017:0937 - Security Advisory - Red Hat Customer Portal
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850716 : #850716 - python-pysaml2: CVE-2016-10149 - Debian Bug report logs (Issue Tracking; Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2017:0938 : RHSA-2017:0938 - Security Advisory - Red Hat Customer Portal