{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6194", "assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "state": "PUBLISHED", "assignerShortName": "eclipse", "dateReserved": "2023-11-17T16:32:44.668Z", "datePublished": "2023-12-11T14:04:51.680Z", "dateUpdated": "2024-08-02T08:21:17.798Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Eclipse Memory Analyzer (tools.mat)", "vendor": "Eclipse Foundation", "versions": [{"lessThanOrEqual": "1.14.0", "status": "affected", "version": "0.7", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit\ndocument type definition (DTD) references to external entities.\nThis means that if a user chooses to use a malicious report definition XML file containing an external entity reference\nto generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition.<br>"}], "value": "In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit\ndocument type definition (DTD) references to external entities.\nThis means that if a user chooses to use a malicious report definition XML file containing an external entity reference\nto generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse", "dateUpdated": "2023-12-11T14:04:51.680Z"}, "references": [{"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/15"}, {"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631"}, {"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169"}], "source": {"discovery": "UNKNOWN"}, "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A workaround for Eclipse Memory Analyzer 1.14.0 and earlier is to run MAT with the following system properties set in MemoryAnalyzer.ini</p>\n<div>\n<pre><code>-Djavax.xml.accessExternalSchema=\n-Djavax.xml.accessExternalDTD=</code></pre></div><br>"}], "value": "A workaround for Eclipse Memory Analyzer 1.14.0 and earlier is to run MAT with the following system properties set in MemoryAnalyzer.ini\n\n\n\n-Djavax.xml.accessExternalSchema=\n-Djavax.xml.accessExternalDTD=\n\n\n\n\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.798Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/15", "tags": ["x_transferred"]}, {"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631", "tags": ["x_transferred"]}, {"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "D500DCF6-D5A8-4B08-A627-9F57397C3FC2", "versionEndIncluding": "1.14.0", "versionStartIncluding": "0.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit\ndocument type definition (DTD) references to external entities.\nThis means that if a user chooses to use a malicious report definition XML file containing an external entity reference\nto generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition.\n"}, {"lang": "es", "value": "En las versiones 0.7 a 1.14.0 de Eclipse Memory Analyzer, los archivos XML de definici\u00f3n de informes no se filtran para prohibir las referencias de definici\u00f3n de tipo de documento (DTD) a entidades externas. Esto significa que si un usuario elige utilizar un archivo XML de definici\u00f3n de informe malicioso que contiene una referencia de entidad externa para generar un informe, Eclipse Memory Analyzer puede acceder a archivos externos o URL definidos mediante una DTD en la definici\u00f3n del informe."}], "id": "CVE-2023-6194", "lastModified": "2024-11-21T08:43:19.773", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 1.4, "source": "emo@eclipse.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-11T14:15:31.847", "references": [{"source": "emo@eclipse.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631"}, {"source": "emo@eclipse.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/15"}, {"source": "emo@eclipse.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169"}], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "emo@eclipse.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-611"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}