In Apache POI up to and including 4.1.0, when the XSSFExportToXml tool is used to convert user-provided Microsoft Excel documents, a specially crafted document can make the XML parser resolve external entities, allowing an attacker to read files from the local filesystem or from internal network resources (XML External Entity (XXE) processing, CWE-611). Fixed in Apache POI 4.1.1.
Note that the scores below assume a local attack vector; in a service that accepts uploaded workbooks and runs XSSFExportToXml on them, the crafted file arrives over the network, so rate the exposure for that deployment rather than taking the LOW/MEDIUM ratings at face value.
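The following is an added, constructed example and is not code from Apache POI or from this advisory. It reproduces the CWE-611 pattern the entry describes with Python's standard library only: a minimal OOXML-style zip (a stand-in for a real workbook) whose xl/xmlMaps.xml declares an external entity, a "naive" parser that fetches and inlines the referenced local file (an analogue of an unpatched consumer, not POI's actual parser), a hardened parser that refuses any DOCTYPE (the JAXP equivalent is the disallow-doctype-decl feature), and a pre-screen scan you can run on untrusted workbooks before a POI 4.1.0-or-older consumer touches them. The file names, the secret string and the temp-file path are all constructed.

```python
"""Constructed CWE-611 demonstration; not Apache POI code (see lead-in)."""
import io
import os
import tempfile
import zipfile
import xml.parsers.expat as expat


class DoctypeRejected(ValueError):
    """Raised by the hardened parser when a part carries a DOCTYPE."""


def build_malicious_xlsx(secret_path: str) -> bytes:
    """Minimal OOXML-style zip (constructed, not a real Excel file) whose
    xl/xmlMaps.xml declares an external entity pointing at secret_path."""
    xml_maps = (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        f'<!DOCTYPE MapInfo [ <!ENTITY xxe SYSTEM "file://{secret_path}"> ]>\n'
        '<MapInfo xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main">\n'
        '  <Schema ID="Schema1">&xxe;</Schema>\n'
        '</MapInfo>\n'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", '<?xml version="1.0"?><Types xmlns='
                    '"http://schemas.openxmlformats.org/package/2006/content-types"/>')
        zf.writestr("xl/workbook.xml", '<?xml version="1.0"?><workbook xmlns='
                    '"http://schemas.openxmlformats.org/spreadsheetml/2006/main"/>')
        zf.writestr("xl/xmlMaps.xml", xml_maps)
    return buf.getvalue()


def parse_naively(xml_bytes: bytes) -> str:
    """Parser that resolves external entities (the behaviour this CVE describes;
    an analogue, not POI's code). Returns the character data so the leak shows."""
    text = []
    parser = expat.ParserCreate()

    def resolve_external_entity(context, base, system_id, public_id):
        # Fetch whatever the document points at and feed it back into the parse:
        # this is exactly the step a safe XML configuration must never take.
        path = system_id[len("file://"):] if system_id.startswith("file://") else system_id
        with open(path, "rb") as fh:
            payload = fh.read()
        child = parser.ExternalEntityParserCreate(context)  # inherits our handlers
        child.Parse(payload, True)
        return 1

    parser.ExternalEntityRefHandler = resolve_external_entity
    parser.CharacterDataHandler = text.append
    parser.Parse(xml_bytes, True)
    return "".join(text)


def parse_hardened(xml_bytes: bytes) -> str:
    """Same parse with DOCTYPE forbidden outright and every external entity
    reference turned into a fatal parse error, so nothing is ever fetched."""
    text = []
    parser = expat.ParserCreate()

    def reject_doctype(name, system_id, public_id, has_internal_subset):
        raise DoctypeRejected(f"DOCTYPE '{name}' is not allowed in a workbook part")

    parser.StartDoctypeDeclHandler = reject_doctype
    # Returning 0 makes expat abort (external entity handling error) as a backstop.
    parser.ExternalEntityRefHandler = lambda context, base, system_id, public_id: 0
    parser.CharacterDataHandler = text.append
    parser.Parse(xml_bytes, True)
    return "".join(text)


def scan_workbook_for_doctype(xlsx_bytes: bytes) -> list:
    """Pre-screen for untrusted workbooks headed to an unpatched consumer: every
    XML part goes through the hardened parser; parts with a DOCTYPE (or that are
    not well-formed) are reported. Office-written parts do not use DTDs."""
    flagged = []
    with zipfile.ZipFile(io.BytesIO(xlsx_bytes)) as zf:
        for name in zf.namelist():
            if not name.lower().endswith((".xml", ".rels")):
                continue
            try:
                parse_hardened(zf.read(name))
            except (DoctypeRejected, expat.ExpatError):
                flagged.append(name)
    return flagged


def demo() -> dict:
    """End-to-end run on constructed data: plant a secret file, build the crafted
    workbook, and compare what each parser does with xl/xmlMaps.xml."""
    secret = "db.password=hunter2"  # constructed secret
    with tempfile.NamedTemporaryFile("w", suffix=".properties", delete=False) as fh:
        fh.write(secret)
        secret_path = fh.name
    try:
        xlsx = build_malicious_xlsx(secret_path)
        with zipfile.ZipFile(io.BytesIO(xlsx)) as zf:
            xml_maps = zf.read("xl/xmlMaps.xml")
        naive_output = parse_naively(xml_maps)
        try:
            parse_hardened(xml_maps)
            hardened = "accepted"
        except DoctypeRejected as exc:
            hardened = f"rejected ({exc})"
        flagged = scan_workbook_for_doctype(xlsx)
    finally:
        os.unlink(secret_path)
    return {"secret": secret, "naive_output": naive_output,
            "hardened": hardened, "flagged_parts": flagged}


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The scan is a stop-gap for the window before the upgrade to 4.1.1, not a substitute for it: it only catches parts that declare a DOCTYPE, which is where an XXE payload has to live, and it deliberately also flags parts that are not well-formed XML rather than letting a downstream parser guess at them.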
https://lists.apache.org/thread.html/[email protected]%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cuser.tika.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cuser.tika.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Cuser.tika.apache.org%3E
https://lists.apache.org/thread.html/[email protected]%3Csolr-user.lucene.apache.org%3E
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/security-alerts/cpujan2021.html
Source: MITRE
Published: 2019-10-23
Updated: 2021-01-20
Type: CWE-611
CVSS v2.0:
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
CVSS v3.1:
Base Score: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM
Affected configuration (CPE match): cpe:2.3:a:apache:poi:*:*:*:*:*:*:*:* versions up to 4.1.0 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
138564 | Oracle WebCenter Portal Multiple Vulnerabilities (Jul 2020 CPU) | Nessus | Misc. | high |
138555 | Oracle Enterprise Manager Cloud Control (Jul 2020 CPU) | Nessus | Misc. | high |
133359 | Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2020 CPU) | Nessus | CGI abuses | high |
133260 | Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2020 CPU) | Nessus | Misc. | high |
132936 | Oracle Primavera Gateway Multiple Vulnerabilities (Jan 2020 CPU) | Nessus | CGI abuses | high |