CVE-2017-6323 - OpenCVE

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Symantec	Management Console

Configuration 1 [-]

OR	cpe:2.3:a:symantec:management_console::::::::
	cpe:2.3:a:symantec:management_console:7.6:hf7::::::
	cpe:2.3:a:symantec:management_console:8.0:hf6::::::

References

Link	Resource
http://www.securityfocus.com/bid/98621	Third Party Advisory VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: symantec

Published: 2017-06-28T00:00:00

Updated: 2018-04-17T09:57:01

Reserved: 2017-02-26T00:00:00

Link: CVE-2017-6323

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-04-16T19:29:00.340

Modified: 2018-05-23T14:38:03.660

Link: CVE-2017-6323

JSON object: View

Redhat Information

No data.

CWE

CWE-611

{"containers": {"cna": {"affected": [{"product": "ITMS", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "Prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7"}]}], "datePublic": "2017-06-28T00:00:00", "descriptions": [{"lang": "en", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}], "problemTypes": [{"descriptions": [{"description": "XXE", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-17T09:57:01", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}, {"name": "98621", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98621"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "DATE_PUBLIC": "2017-06-28T00:00:00", "ID": "CVE-2017-6323", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ITMS", "version": {"version_data": [{"version_value": "Prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7"}]}}]}, "vendor_name": "Symantec Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "XXE"}]}]}, "references": {"reference_data": [{"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00", "refsource": "CONFIRM", "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}, {"name": "98621", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98621"}]}}}}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2017-6323", "datePublished": "2017-06-28T00:00:00", "dateReserved": "2017-02-26T00:00:00", "dateUpdated": "2018-04-17T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:management_console:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B267A2A-6418-4465-89DE-6162EB657F73", "versionEndExcluding": "8.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:management_console:7.6:hf7:*:*:*:*:*:*", "matchCriteriaId": "625B07E1-76DD-4A78-9506-F15C8E61CB58", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:management_console:8.0:hf6:*:*:*:*:*:*", "matchCriteriaId": "078D2993-8477-4241-93E0-B5ADEC1DEB18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}, {"lang": "es", "value": "Symantec Management Console, en versiones anteriores a la ITMS 8.1 RU1, ITMS 8.0_POST_HF6 e ITMS 7.6_POST_HF7, tiene un problema por el cual las entradas XML que contienen una referencia a una entidad externa son procesadas por un analizador XML mal configurado. Este ataque podr\u00eda conducir a la revelaci\u00f3n de datos confidenciales, denegaci\u00f3n de servicio (DoS), Server-Side Request Forgery, escaneo de puertos desde la perspectiva de la m\u00e1quina en la que est\u00e1 el analizador y otros impactos del sistema."}], "id": "CVE-2017-6323", "lastModified": "2018-05-23T14:38:03.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-16T19:29:00.340", "references": [{"source": "secure@symantec.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98621"}, {"source": "secure@symantec.com", "tags": ["Vendor Advisory"], "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}]}