Vulnerability Details : CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit
document type definition (DTD) references to external entities.
This means that if a user chooses to use a malicious report definition XML file containing an external entity reference
to generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition.
Vulnerability category: XML external entity (XXE) injection
Products affected by CVE-2023-6194
- cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-6194
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 22 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-6194
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.8
|
LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
1.3
|
1.4
|
Eclipse Foundation | |
7.1
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
1.8
|
5.2
|
NIST |
CWE ids for CVE-2023-6194
-
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.Assigned by:
- emo@eclipse.org (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2023-6194
-
https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631
582631 – Validate XML report files against schema and restrict external entity access.Exploit;Issue Tracking;Patch;Vendor Advisory
-
https://gitlab.eclipse.org/security/cve-assignement/-/issues/15
XXE in Eclipse Memory Analyzer report definition files (#15) · Issues · Eclipse Projects Security / cve-assignement · GitLabExploit;Issue Tracking;Vendor Advisory
-
https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169
XXE in Eclipse Memory Analyzer report definition files (#169) · Issues · Eclipse Projects Security / vulnerability-reports · GitLabExploit;Issue Tracking;Vendor Advisory
Jump to