Vulnerability-Lookup

CNVD-2018-19529

Vulnerability from cnvd - Published: 2018-09-20

Title

IBM FileNet Content Manager和Content Foundation Administration Console for Content Platform Engine XML外部实体注入漏洞

Description

IBM FileNet Content Manager和Content Foundation都是美国IBM公司的针对FileNet P8平台的内容管理解决方案。该方案将文档管理与即用型工作流程工具相结合，可管理图像、视频、Web内容、合规性文档等。Administration Console for Content Platform Engine（ACCE）是其中的一个用于内容平台引擎的管理控制台程序。 IBM FileNet Content Manager 5.2.1, 5.5.0版本和Content Foundation 5.2.1, 5.5.0版本中的ACCE存在安全漏洞。远程攻击者可利用该漏洞泄露敏感信息或消耗内存资源。

Severity

中

Patch Name

IBM FileNet Content Manager和Content Foundation Administration Console for Content Platform Engine XML外部实体注入漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www-01.ibm.com/support/docview.wss?uid=swg22015943

Reference

https://www-01.ibm.com/support/docview.wss?uid=swg22015943

Impacted products

Name
['IBM FileNet Content Manager 5.2.1', 'IBM FileNet Content Manager 5.5.0', 'IBM Content Foundation 5.2.1', 'IBM Content Foundation 5.5.0', 'IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1', 'IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.5.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1542",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1542"
    }
  },
  "description": "IBM FileNet Content Manager\u548cContent Foundation\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u9488\u5bf9FileNet P8\u5e73\u53f0\u7684\u5185\u5bb9\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u5c06\u6587\u6863\u7ba1\u7406\u4e0e\u5373\u7528\u578b\u5de5\u4f5c\u6d41\u7a0b\u5de5\u5177\u76f8\u7ed3\u5408\uff0c\u53ef\u7ba1\u7406\u56fe\u50cf\u3001\u89c6\u9891\u3001Web\u5185\u5bb9\u3001\u5408\u89c4\u6027\u6587\u6863\u7b49\u3002Administration Console for Content Platform Engine\uff08ACCE\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u5185\u5bb9\u5e73\u53f0\u5f15\u64ce\u7684\u7ba1\u7406\u63a7\u5236\u53f0\u7a0b\u5e8f\u3002\r\n\r\nIBM FileNet Content Manager 5.2.1, 5.5.0\u7248\u672c\u548cContent Foundation 5.2.1, 5.5.0\u7248\u672c\u4e2d\u7684ACCE\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6cc4\u9732\u654f\u611f\u4fe1\u606f\u6216\u6d88\u8017\u5185\u5b58\u8d44\u6e90\u3002",
  "discovererName": "Jayson Grace",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www-01.ibm.com/support/docview.wss?uid=swg22015943",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-19529",
  "openTime": "2018-09-20",
  "patchDescription": "IBM FileNet Content Manager\u548cContent Foundation\u90fd\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u9488\u5bf9FileNet P8\u5e73\u53f0\u7684\u5185\u5bb9\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\u8be5\u65b9\u6848\u5c06\u6587\u6863\u7ba1\u7406\u4e0e\u5373\u7528\u578b\u5de5\u4f5c\u6d41\u7a0b\u5de5\u5177\u76f8\u7ed3\u5408\uff0c\u53ef\u7ba1\u7406\u56fe\u50cf\u3001\u89c6\u9891\u3001Web\u5185\u5bb9\u3001\u5408\u89c4\u6027\u6587\u6863\u7b49\u3002Administration Console for Content Platform Engine\uff08ACCE\uff09\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u5185\u5bb9\u5e73\u53f0\u5f15\u64ce\u7684\u7ba1\u7406\u63a7\u5236\u53f0\u7a0b\u5e8f\u3002\r\n\r\nIBM FileNet Content Manager 5.2.1, 5.5.0\u7248\u672c\u548cContent Foundation 5.2.1, 5.5.0\u7248\u672c\u4e2d\u7684ACCE\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6cc4\u9732\u654f\u611f\u4fe1\u606f\u6216\u6d88\u8017\u5185\u5b58\u8d44\u6e90\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM FileNet Content Manager\u548cContent Foundation Administration Console for Content Platform Engine XML\u5916\u90e8\u5b9e\u4f53\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM FileNet Content Manager 5.2.1",
      "IBM FileNet Content Manager 5.5.0",
      "IBM Content Foundation 5.2.1",
      "IBM Content Foundation 5.5.0",
      "IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1",
      "IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.5.0"
    ]
  },
  "referenceLink": "https://www-01.ibm.com/support/docview.wss?uid=swg22015943",
  "serverity": "\u4e2d",
  "submitTime": "2018-07-10",
  "title": "IBM FileNet Content Manager\u548cContent Foundation Administration Console for Content Platform Engine XML\u5916\u90e8\u5b9e\u4f53\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2018-1542 (GCVE-0-2018-1542)

Vulnerability from cvelistv5 – Published: 2018-07-06 14:00 – Updated: 2024-09-17 00:51

Summary

IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597.

Severity ?

7.1 (High)


                        
                          CVSS:3.0/A:L/AC:L/AV:N/C:H/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O

CWE

Obtain Information

Assigner

ibm

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.ibm.com/support/docview.wss?uid=swg22015943	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041225	vdb-entryx_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	IBM	FileNet P8 Platform	Affected: 5.2.1 Affected: 5.5.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:07:43.392Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-filenet-cve20181542-xxe(142597)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142597"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg22015943"
          },
          {
            "name": "1041225",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041225"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FileNet P8 Platform",
          "vendor": "IBM",
          "versions": [
            {
              "status": "affected",
              "version": "5.2.1"
            },
            {
              "status": "affected",
              "version": "5.5.0"
            }
          ]
        }
      ],
      "datePublic": "2018-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.2,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/A:L/AC:L/AV:N/C:H/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Obtain Information",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-07T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-filenet-cve20181542-xxe(142597)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142597"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg22015943"
        },
        {
          "name": "1041225",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041225"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "DATE_PUBLIC": "2018-07-02T00:00:00",
          "ID": "CVE-2018-1542",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "FileNet P8 Platform",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.2.1"
                          },
                          {
                            "version_value": "5.5.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "IBM"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597."
            }
          ]
        },
        "impact": {
          "cvssv3": {
            "BM": {
              "A": "L",
              "AC": "L",
              "AV": "N",
              "C": "H",
              "I": "N",
              "PR": "L",
              "S": "U",
              "UI": "N"
            },
            "TM": {
              "E": "U",
              "RC": "C",
              "RL": "O"
            }
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Obtain Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-filenet-cve20181542-xxe(142597)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/142597"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg22015943",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22015943"
            },
            {
              "name": "1041225",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041225"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2018-1542",
    "datePublished": "2018-07-06T14:00:00Z",
    "dateReserved": "2017-12-13T00:00:00",
    "dateUpdated": "2024-09-17T00:51:48.607Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-19529

CVE-2018-1542 (GCVE-0-2018-1542)

Tags

Sightings

Nomenclature