CVE-2020-28387 - OpenCVE

A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11923)

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Siemens	Solid Edge

Configuration 1 [-]

OR	cpe:2.3:a:siemens:solid_edge::::::::
	cpe:2.3:a:siemens:solid_edge:se2021:-::::::
	cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1::::::

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: siemens

Published: 2021-03-15T17:03:30

Updated: 2021-04-22T20:42:20

Reserved: 2020-11-10T00:00:00

Link: CVE-2020-28387

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-03-15T17:15:20.660

Modified: 2021-07-15T18:00:27.427

Link: CVE-2020-28387

JSON object: View

Redhat Information

No data.

CWE

CWE-611

{"containers": {"cna": {"affected": [{"product": "Solid Edge SE2020", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All Versions < SE2020MP13"}]}, {"product": "Solid Edge SE2021", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All Versions < SE2021MP3"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11923)"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611: Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-04-22T20:42:20", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-28387", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Solid Edge SE2020", "version": {"version_data": [{"version_value": "All Versions < SE2020MP13"}]}}, {"product_name": "Solid Edge SE2021", "version": {"version_data": [{"version_value": "All Versions < SE2021MP3"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11923)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-611: Improper Restriction of XML External Entity Reference"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-28387", "datePublished": "2021-03-15T17:03:30", "dateReserved": "2020-11-10T00:00:00", "dateUpdated": "2021-04-22T20:42:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:solid_edge:*:*:*:*:*:*:*:*", "matchCriteriaId": "576A303A-66CA-4694-AA54-9EB0137C24F1", "versionEndExcluding": "se2021", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge:se2021:-:*:*:*:*:*:*", "matchCriteriaId": "39D237BD-EE55-4B40-ABC3-194C4BF7C6CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:solid_edge:se2021:maintenance_pack1:*:*:*:*:*:*", "matchCriteriaId": "49F5649A-349C-42C6-AFFF-CEE1ABC14E67", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP3). When opening a specially crafted SEECTCXML file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11923)"}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en Solid Edge SE2020 (Todas las versiones anteriores a SE2020MP13), Solid Edge SE2021 (Todas las versiones anteriores a SE2021MP3). Cuando se abre un archivo SEECTCXML especialmente dise\u00f1ado, la aplicaci\u00f3n podr\u00eda divulgar archivos arbitrarios a atacantes remotos. Esto es debido al paso de contenido especialmente dise\u00f1ado hacia el analizador XML subyacente sin tomar las restricciones apropiadas, como prohibir un dtd externo. (ZDI?CAN?11923)"}], "id": "CVE-2020-28387", "lastModified": "2021-07-15T18:00:27.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-03-15T17:15:20.660", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-715184.pdf"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "productcert@siemens.com", "type": "Primary"}]}