CVE-2022-23170 : SysAid - Okta SSO integration - was found vulnerable to XML External Entity Inje

SysAid - Okta SSO integration - was found vulnerable to XML External Entity Injection vulnerability. Any SysAid environment that uses the Okta SSO integration might be vulnerable. An unauthenticated attacker could exploit the XXE vulnerability by sending a malformed POST request to the identity provider endpoint. An attacker can extract the identity provider endpoint by decoding the SAMLRequest parameter's value and searching for the AssertionConsumerServiceURL parameter's value. It often allows an attacker to view files on the application server filesystem and interact with any back-end or external systems that the application can access. In some situations, an attacker can escalate an XXE attack to compromise the underlying server or other back-end infrastructure by leveraging the XXE vulnerability to perform server-side request forgery (SSRF) attacks.

Published 2022-06-24 15:15:10

Updated 2022-07-07 15:19:14

Source Israel National Cyber Directorate

View at NVD, CVE.org

Vulnerability category: XML external entity (XXE) injectionServer-side request forgery (SSRF)

Products affected by CVE-2022-23170

Sysaid » Okta Sso
Versions from including (>=) 22.1.49 and up to, including, (<=) 22.1.63
cpe:2.3:a:sysaid:okta_sso:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-23170

EPSS FAQ

0.34%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 55 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-23170

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
5.9	MEDIUM	CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L	1.7	3.7	Israel National Cyber Directorate
Attack Vector: Adjacent Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: Low
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2022-23170

CWE-611 Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Assigned by:
- cna@cyber.gov.il (Secondary)
- nvd@nist.gov (Primary)

References for CVE-2022-23170

https://www.gov.il/en/departments/faq/cve_advisories

Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-23170

Products affected by CVE-2022-23170

Exploit prediction scoring system (EPSS) score for CVE-2022-23170

CVSS scores for CVE-2022-23170

CWE ids for CVE-2022-23170

References for CVE-2022-23170