CVE-2020-26981 - OpenCVE

A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Siemens	Jt2go Teamcenter Visualization

Configuration 1 [-]

OR	cpe:2.3:a:siemens:jt2go::::::::
	cpe:2.3:a:siemens:teamcenter_visualization::::::::

No data.

References

Link	Providers
https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf
https://www.zerodayinitiative.com/advisories/ZDI-21-048/

History

No history.

MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2021-01-12T20:18:33

Updated: 2024-08-04T16:03:23.175Z

Reserved: 2020-10-12T00:00:00

Link: CVE-2020-26981

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-01-12T21:15:16.683

Modified: 2021-02-23T13:50:30.917

Link: CVE-2020-26981

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "JT2Go", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V13.1.0"}]}, {"product": "Teamcenter Visualization", "vendor": "Siemens", "versions": [{"status": "affected", "version": "All versions < V13.1.0"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611: Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-05-19T13:51:23", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-048/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "productcert@siemens.com", "ID": "CVE-2020-26981", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "JT2Go", "version": {"version_data": [{"version_value": "All versions < V13.1.0"}]}}, {"product_name": "Teamcenter Visualization", "version": {"version_data": [{"version_value": "All versions < V13.1.0"}]}}]}, "vendor_name": "Siemens"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-611: Improper Restriction of XML External Entity Reference"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf", "refsource": "MISC", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-048/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-048/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:03:23.175Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-048/"}]}]}, "cveMetadata": {"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2020-26981", "datePublished": "2021-01-12T20:18:33", "dateReserved": "2020-10-12T00:00:00", "dateUpdated": "2024-08-04T16:03:23.175Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*", "matchCriteriaId": "307FDFE4-A801-4978-8903-BC38ED035927", "versionEndExcluding": "13.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", "matchCriteriaId": "30E90A52-9FD9-450A-8003-9F6C451E0823", "versionEndExcluding": "13.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in JT2Go (All versions < V13.1.0), Teamcenter Visualization (All versions < V13.1.0). When opening a specially crafted xml file, the application could disclose arbitrary files to remote attackers. This is because of the passing of specially crafted content to the underlying XML parser without taking proper restrictions such as prohibiting an external dtd. (ZDI-CAN-11890)"}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en JT2Go (todas las versiones anteriores a V13.1.0), Teamcenter Visualization (todas las versiones anteriores a V13.1.0). Al abrir un archivo xml especialmente dise\u00f1ado, la aplicaci\u00f3n podr\u00eda revelar archivos arbitrarios a atacantes remotos. Esto es debido al paso de contenido especialmente dise\u00f1ado al analizador XML subyacente sin tomar las restricciones apropiadas, como prohibir un dtd externo. ZDI-CAN-11890)"}], "id": "CVE-2020-26981", "lastModified": "2021-02-23T13:50:30.917", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-01-12T21:15:16.683", "references": [{"source": "productcert@siemens.com", "tags": ["Vendor Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-622830.pdf"}, {"source": "productcert@siemens.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-048/"}], "sourceIdentifier": "productcert@siemens.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-611"}], "source": "productcert@siemens.com", "type": "Secondary"}]}