CVE-2017-6323 - OpenCVE

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:A/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Management Console

Configuration 1 [-]

OR	cpe:2.3:a:symantec:management_console::::::::
	cpe:2.3:a:symantec:management_console:7.6:hf7::::::
	cpe:2.3:a:symantec:management_console:8.0:hf6::::::

No data.

References

Link	Providers
http://www.securityfocus.com/bid/98621
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00

History

No history.

MITRE

Status: PUBLISHED

Assigner: symantec

Published: 2018-04-16T18:00:00Z

Updated: 2024-09-16T23:11:18.134Z

Reserved: 2017-02-26T00:00:00

Link: CVE-2017-6323

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2018-04-16T19:29:00.340

Modified: 2018-05-23T14:38:03.660

Link: CVE-2017-6323

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "ITMS", "vendor": "Symantec Corporation", "versions": [{"status": "affected", "version": "Prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7"}]}], "datePublic": "2017-06-28T00:00:00", "descriptions": [{"lang": "en", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}], "problemTypes": [{"descriptions": [{"description": "XXE", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-04-17T09:57:01", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}, {"name": "98621", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98621"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@symantec.com", "DATE_PUBLIC": "2017-06-28T00:00:00", "ID": "CVE-2017-6323", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "ITMS", "version": {"version_data": [{"version_value": "Prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 & ITMS 7.6_POST_HF7"}]}}]}, "vendor_name": "Symantec Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "XXE"}]}]}, "references": {"reference_data": [{"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00", "refsource": "CONFIRM", "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}, {"name": "98621", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98621"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:25:48.931Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}, {"name": "98621", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/98621"}]}]}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2017-6323", "datePublished": "2018-04-16T18:00:00Z", "dateReserved": "2017-02-26T00:00:00", "dateUpdated": "2024-09-16T23:11:18.134Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:management_console:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B267A2A-6418-4465-89DE-6162EB657F73", "versionEndExcluding": "8.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:management_console:7.6:hf7:*:*:*:*:*:*", "matchCriteriaId": "625B07E1-76DD-4A78-9506-F15C8E61CB58", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:management_console:8.0:hf6:*:*:*:*:*:*", "matchCriteriaId": "078D2993-8477-4241-93E0-B5ADEC1DEB18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts."}, {"lang": "es", "value": "Symantec Management Console, en versiones anteriores a la ITMS 8.1 RU1, ITMS 8.0_POST_HF6 e ITMS 7.6_POST_HF7, tiene un problema por el cual las entradas XML que contienen una referencia a una entidad externa son procesadas por un analizador XML mal configurado. Este ataque podr\u00eda conducir a la revelaci\u00f3n de datos confidenciales, denegaci\u00f3n de servicio (DoS), Server-Side Request Forgery, escaneo de puertos desde la perspectiva de la m\u00e1quina en la que est\u00e1 el analizador y otros impactos del sistema."}], "id": "CVE-2017-6323", "lastModified": "2018-05-23T14:38:03.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 5.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-16T19:29:00.340", "references": [{"source": "secure@symantec.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98621"}, {"source": "secure@symantec.com", "tags": ["Vendor Advisory"], "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00"}], "sourceIdentifier": "secure@symantec.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}]}