
CVE-2018-1000822: XML External Entity (XXE) vulnerability in codelibs fess

CVSS Score: 10 (CVSS 3.0)

Basic Information

EPSS Score: 0.47758%
Published: 12/20/2018
Updated: 1/9/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Package Name           | Ecosystem | Vulnerable Versions | First Patched Version
org.codelibs.fess:fess | maven     | < 12.3.2            | 12.3.2

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from insecure XML parsing in the GSA XML file parser. The GitHub issue (#1851) and 0dd.zone report explicitly point to AdminBackupAction.java triggering GsaConfigParser.parse() for GSA XML files. While AdminBackupAction.java is the entry point, the root cause is in GsaConfigParser's implementation. The use of SAXParserFactory without disabling external entities (as indicated in the GitHub issue description) directly enables XXE. The confidence is high because multiple sources confirm the GSA parser's role, and XXE vulnerabilities in SAXParser are well-understood in this context.
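To make the root cause concrete, the following added example (not code from fess or from Miggo) places the default-configured SAXParserFactory pattern described above beside a hardened configuration and feeds both a constructed GSA-style document that declares an external entity. The sample XML, the class name and the placeholder file URI are all assumptions made for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.parsers.SAXParser;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.InputSource;
import org.xml.sax.helpers.DefaultHandler;

public class GsaXxeDemo {
    // Constructed sample: a DOCTYPE declaring an external entity whose SYSTEM URI
    // is a deliberately nonexistent placeholder path (assumption, not a real target).
    static final String SAMPLE =
        "<?xml version=\"1.0\"?>"
      + "<!DOCTYPE gsa [<!ENTITY ext SYSTEM \"file:///placeholder/does-not-exist\">]>"
      + "<gsa><name>&ext;</name></gsa>";

    // The pattern the analysis describes: a default factory with entity handling untouched.
    static SAXParserFactory vulnerableFactory() {
        return SAXParserFactory.newInstance();
    }

    // Hardened form: reject any DOCTYPE outright, and as defence in depth also switch off
    // external entities, external DTD loading and XInclude for parsers lacking the first feature.
    static SAXParserFactory hardenedFactory() throws Exception {
        SAXParserFactory f = SAXParserFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        return f;
    }

    // Parse SAMPLE with the given factory and describe the outcome.
    static String parseWith(SAXParserFactory f) {
        try {
            SAXParser p = f.newSAXParser();
            byte[] bytes = SAMPLE.getBytes(StandardCharsets.UTF_8);
            p.parse(new InputSource(new ByteArrayInputStream(bytes)), new DefaultHandler());
            return "parsed; the external entity was resolved";
        } catch (Exception e) {
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // Vulnerable: the parser attempts to open the SYSTEM URI (an IOException here because
        // the placeholder does not exist; with a readable file its contents would land in <name>).
        System.out.println("vulnerable -> " + parseWith(vulnerableFactory()));
        // Hardened: the document is rejected at the DOCTYPE, before any entity is touched.
        System.out.println("hardened   -> " + parseWith(hardenedFactory()));
    }
}
```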


WAF Protection Rules

WAF Rule

codelibs fess version before commit ******* contains an XML External Entity (XXE) vulnerability in the GSA XML file parser that can result in disclosure of confidential data, denial of service, SSRF, and port scanning. This attack appears to be exploitable via
