
CVE-2018-0765: Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents

CVSS Score (v3.0): 7.5

Basic Information

EPSS Score: 0.90171%
Published: 10/16/2018
Updated: 1/9/2023
KEV Status: No
Technology: C#

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name: System.Security.Cryptography.Xml
Ecosystem: nuget
Vulnerable Versions: < 4.4.2
First Patched Version: 4.4.2

Vulnerability Intelligence
Root Cause Analysis (Miggo AI)

The vulnerability is classified as CWE-611, improper restriction of XML External Entity (XXE) references. The affected package, System.Security.Cryptography.Xml, implements XML encryption and XML digital signatures. Methods such as DecryptDocument and CheckSignature are the points where the package parses and processes XML. Historical XXE fixes in .NET have hardened the XML parser by disabling DTD processing and external entity resolvers. These methods are therefore the places where an insecure parser configuration would be exercised, which is consistent with the denial of service impact described for this CVE. The confidence of this analysis is high because the CWE, the package's purpose, and the typical XXE remediation pattern in .NET's XML processing components all point the same way.
