FKIE_CVE-2023-41034

Vulnerability from fkie_nvd - Published: 2023-08-31 18:15 - Updated: 2024-11-21 08:20
Severity
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser` and `DefaultDDFFileValidator` (and so `ObjectLoader`) are vulnerable to `XXE Attacks`. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if they parse untrusted DDF files (e.g. if they let external users provide their own model), in that case they MUST upgrade to fixed version. If you parse only trusted DDF file and validate only with trusted xml schema, upgrading is not mandatory. This issue has been fixed in versions 1.5.0 and 2.0.0-M13. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
security-advisories@github.comhttps://github.com/eclipse-leshan/leshan/commit/29577d2879ba8e7674c3b216a7f01193fc7ae013Patch
security-advisories@github.comhttps://github.com/eclipse-leshan/leshan/commit/4d3e63ac271a817f81fba3e3229c519af7a3049cPatch
security-advisories@github.comhttps://github.com/eclipse-leshan/leshan/security/advisories/GHSA-wc9j-gc65-3cm7Mitigation, Third Party Advisory
security-advisories@github.comhttps://github.com/eclipse-leshan/leshan/wiki/Adding-new-objects#the-lwm2m-modelProduct
security-advisories@github.comhttps://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_ProcessingNot Applicable
af854a3a-2127-422b-91ae-364da2661108https://github.com/eclipse-leshan/leshan/commit/29577d2879ba8e7674c3b216a7f01193fc7ae013Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/eclipse-leshan/leshan/commit/4d3e63ac271a817f81fba3e3229c519af7a3049cPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/eclipse-leshan/leshan/security/advisories/GHSA-wc9j-gc65-3cm7Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/eclipse-leshan/leshan/wiki/Adding-new-objects#the-lwm2m-modelProduct
af854a3a-2127-422b-91ae-364da2661108https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_ProcessingNot Applicable
Impacted products
Vendor Product Version
eclipse leshan *
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
eclipse leshan 2.0.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAB8220-65D9-49C4-A405-E467D18DA48B",
              "versionEndExcluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone1:*:*:*:*:*:*",
              "matchCriteriaId": "A9CD995F-4DDF-4E8A-BCF9-B70128AC91A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone10:*:*:*:*:*:*",
              "matchCriteriaId": "966926A3-EF5B-4478-A78E-37D664221ECB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone11:*:*:*:*:*:*",
              "matchCriteriaId": "C22BE585-DC78-4483-B7CF-C9315873C913",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone12:*:*:*:*:*:*",
              "matchCriteriaId": "92268218-018E-4924-A2CF-2D2DB4D36F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone2:*:*:*:*:*:*",
              "matchCriteriaId": "A4055FDA-E535-4675-B6D3-812D7A3E9C1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone3:*:*:*:*:*:*",
              "matchCriteriaId": "A700BAD9-5289-49DB-9B9E-E7710522086E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone4:*:*:*:*:*:*",
              "matchCriteriaId": "7CE7B0A5-CF9B-469F-9DB6-4CCEB0F36269",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone5:*:*:*:*:*:*",
              "matchCriteriaId": "E7E15E8A-B316-4CD5-9330-14F6A7E2C69C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone6:*:*:*:*:*:*",
              "matchCriteriaId": "FFD798EF-A5BD-4E21-ABA4-F3AD00E9E7C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone7:*:*:*:*:*:*",
              "matchCriteriaId": "93448A3D-67AB-474C-AEFA-ABBD7DD7B9E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone8:*:*:*:*:*:*",
              "matchCriteriaId": "B52ECC69-1524-4581-88AE-4CE7DC47DC33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:eclipse:leshan:2.0.0:milestone9:*:*:*:*:*:*",
              "matchCriteriaId": "2254C713-BE7F-40D7-BDF3-901C03406FA7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Eclipse Leshan is a device management server and client Java implementation. In affected versions DDFFileParser` and `DefaultDDFFileValidator` (and so `ObjectLoader`) are vulnerable to `XXE Attacks`. A DDF file is a LWM2M format used to store LWM2M object description. Leshan users are impacted only if they parse untrusted DDF files (e.g. if they let external users provide their own model), in that case they MUST upgrade to fixed version. If you parse only trusted DDF file and validate only with trusted xml schema, upgrading is not mandatory.  This issue has been fixed in versions 1.5.0 and 2.0.0-M13. Users are advised to upgrade. There are no known workarounds for this vulnerability."
    },
    {
      "lang": "es",
      "value": "Eclipse Leshan es una implementaci\u00f3n Java de servidor y cliente de gesti\u00f3n de dispositivos. En las versiones afectadas, \u0027DDFFileParser\u0027 y \u0027DefaultDDFFileValidator\u0027 (y por lo tanto \u0027ObjectLoader\u0027) son vulnerables a \u0027XXE Attacks\u0027. Un archivo DDF es un formato LWM2M utilizado para almacenar la descripci\u00f3n de objetos LWM2M. Los usuarios de Leshan se ven afectados solo si analizan archivos DDF no confiables (p. ej., si permiten que usuarios externos proporcionen su propio modelo), en ese caso DEBEN actualizar a la versi\u00f3n corregida. Si solo analiza archivos DDF confiables y valida solo con esquemas XML confiables, la actualizaci\u00f3n no es obligatoria. Este problema se ha corregido en las versiones 1.5.0 y 2.0.0-M13. Se aconseja a los usuarios que actualicen. No se conocen soluciones alternativas para esta vulnerabilidad."
    }
  ],
  "id": "CVE-2023-41034",
  "lastModified": "2024-11-21T08:20:25.577",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-08-31T18:15:09.020",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/commit/29577d2879ba8e7674c3b216a7f01193fc7ae013"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/commit/4d3e63ac271a817f81fba3e3229c519af7a3049c"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/security/advisories/GHSA-wc9j-gc65-3cm7"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/wiki/Adding-new-objects#the-lwm2m-model"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/commit/29577d2879ba8e7674c3b216a7f01193fc7ae013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/commit/4d3e63ac271a817f81fba3e3229c519af7a3049c"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/security/advisories/GHSA-wc9j-gc65-3cm7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://github.com/eclipse-leshan/leshan/wiki/Adding-new-objects#the-lwm2m-model"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.