CVE-2020-10683

critical

Description

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
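The practical point for anyone who parses untrusted XML with dom4j: the library hands parsing to a SAX `XMLReader`, so the defaults of that underlying parser (external general and parameter entities, external DTD loading) decide whether a `<!DOCTYPE>` with a `SYSTEM` entity can pull in a local file. Upgrading to 2.0.3 / 2.1.3 changes the default, but setting the parser features explicitly, as the OWASP cheat sheet referenced below recommends, keeps an application safe no matter which dom4j or SAX implementation ends up on the classpath. The following Java program is an added example, not code from the dom4j project or from any of the referenced advisories: it contrasts a stock `SAXReader` with one hardened via those features, using a constructed temp file and payload. The class and method names are the example's own; the feature URIs are the standard SAX/Xerces feature names. On an affected dom4j version with the JDK's built-in parser the first check reports a leak; the hardened reader rejects the DOCTYPE before any entity is resolved.

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.io.SAXReader;
import org.xml.sax.SAXException;

public class Dom4jXxeCheck {

    // Parser features recommended by the OWASP XXE Prevention Cheat Sheet for dom4j/SAXReader.
    static final String DISALLOW_DOCTYPE  = "http://apache.org/xml/features/disallow-doctype-decl";
    static final String EXT_GENERAL       = "http://xml.org/sax/features/external-general-entities";
    static final String EXT_PARAMETER     = "http://xml.org/sax/features/external-parameter-entities";
    static final String LOAD_EXTERNAL_DTD = "http://apache.org/xml/features/nonvalidating/load-external-dtd";

    /** The 'before': a plain SAXReader. On dom4j before 2.0.3 / 2.1.x before 2.1.3 this resolves external entities. */
    static SAXReader defaultReader() {
        return new SAXReader();
    }

    /** The 'after': a SAXReader hardened per OWASP. Refusing any DOCTYPE is the strongest single setting. */
    static SAXReader hardenedReader() throws SAXException {
        SAXReader reader = new SAXReader();
        reader.setFeature(DISALLOW_DOCTYPE, true);
        // Defence in depth for parsers that do not honour disallow-doctype-decl.
        reader.setFeature(EXT_GENERAL, false);
        reader.setFeature(EXT_PARAMETER, false);
        reader.setFeature(LOAD_EXTERNAL_DTD, false);
        return reader;
    }

    /** Constructed XXE payload: an external general entity that reads a local file into the document text. */
    static String xxePayload(Path secretFile) {
        return "<?xml version=\"1.0\"?>\n"
             + "<!DOCTYPE data [\n"
             + "  <!ENTITY xxe SYSTEM \"" + secretFile.toUri() + "\">\n"
             + "]>\n"
             + "<data>&xxe;</data>";
    }

    /** True if parsing the payload with this reader copied the secret file's contents into the document. */
    static boolean leaksFile(SAXReader reader, String payload, String secret) {
        try {
            Document doc = reader.read(new StringReader(payload));
            return doc.getRootElement().getText().contains(secret);
        } catch (DocumentException e) {
            // A hardened reader fails here, on the DOCTYPE, before any entity is fetched.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed secret: a temp file standing in for /etc/passwd or an application config.
        Path secretFile = Files.createTempFile("xxe-demo", ".txt");
        Files.write(secretFile, "SECRET-FLAG".getBytes(StandardCharsets.UTF_8));
        String payload = xxePayload(secretFile);

        // Implementation-Version from the dom4j jar manifest, or null if the jar does not carry one.
        String version = SAXReader.class.getPackage().getImplementationVersion();
        System.out.println("dom4j version: " + version);
        System.out.println("default SAXReader leaks file:  " + leaksFile(defaultReader(), payload, "SECRET-FLAG"));
        System.out.println("hardened SAXReader leaks file: " + leaksFile(hardenedReader(), payload, "SECRET-FLAG"));

        Files.deleteIfExists(secretFile);
    }
}
```

Run it with the dom4j jar in question on the classpath (`javac -cp dom4j-2.1.1.jar Dom4jXxeCheck.java && java -cp .:dom4j-2.1.1.jar Dom4jXxeCheck`). Two things to keep in mind when applying the hardened form in a real code base: `setFeature` must be called on every `SAXReader` the application constructs (a factory method such as `hardenedReader()` above makes that auditable), and if a document legitimately needs a DTD, drop only `DISALLOW_DOCTYPE` and keep the three entity/DTD features off.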

References

https://bugzilla.redhat.com/show_bug.cgi?id=1694235

https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658

https://github.com/dom4j/dom4j/releases/tag/version-2.1.3

https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html

https://security.netapp.com/advisory/ntap-20200518-0002/

http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00061.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://github.com/dom4j/dom4j/commits/version-2.0.3

https://github.com/dom4j/dom4j/issues/87

https://usn.ubuntu.com/4575-1/

https://www.oracle.com/security-alerts/cpuoct2020.html

https://lists.apache.org/thread.html/[email protected]%3Cdev.velocity.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Cdev.velocity.apache.org%3E

https://www.oracle.com/security-alerts/cpujan2021.html

https://www.oracle.com/security-alerts/cpuApr2021.html

https://www.oracle.com//security-alerts/cpujul2021.html

https://lists.apache.org/thread.html/[email protected]%3Cnotifications.freemarker.apache.org%3E

Details

Source: MITRE

Published: 2020-05-01

Updated: 2021-09-17

Type: CWE-611

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions before 2.0.3

cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* versions from 2.1.0 to 2.1.2 (inclusive)

Configuration 2

OR

cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from 2.4.0 to 2.10.0 (inclusive)

cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_application_session_controller:3.9m0p1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* versions from 8.0.0 to 8.2.2 (inclusive)

cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_data_quality:11.1.1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from 8.0.6 to 8.1.0 (inclusive)

cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_empirica_signal:9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from 16.1.0.0 to 16.2.20.1 (inclusive)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from 17.1.0.0 to 17.12.17.1 (inclusive)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from 18.1.0.0 to 18.8.19.0 (inclusive)

cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* versions from 19.12.0.0 to 19.12.6.0 (inclusive)

cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:17.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:19.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:14.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:14.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:15.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_price_management:16.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:2.2.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from 4.3.0.1.0 to 4.3.0.6.0 (inclusive)

cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:11.1.1.9.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*

cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Tenable Plugins (20 total)

ID | Name | Product | Family | Severity
152033 | Oracle JDeveloper XXE (July 2021 CPU) | Nessus | Misc. | critical
151903 | Oracle Enterprise Manager Cloud Control (Jul 2021 CPU) | Nessus | Misc. | critical
146048 | Oracle WebCenter Portal Multiple Vulnerabilities (Jan 2021 CPU) | Nessus | Misc. | critical
145246 | Oracle Business Process Management Suite (Jan 2021 CPU) | Nessus | Misc. | critical
145224 | Oracle Application Testing Suite (Jan 2021 CPU) | Nessus | Misc. | critical
142223 | Oracle WebCenter Portal Multiple Vulnerabilities (Oct 2020 CPU) | Nessus | Misc. | critical
141450 | Ubuntu 16.04 LTS : dom4j vulnerability (USN-4575-1) | Nessus | Ubuntu Local Security Checks | critical
140869 | EulerOS 2.0 SP3 : dom4j (EulerOS-SA-2020-2102) | Nessus | Huawei Local Security Checks | critical
140397 | RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 (RHSA-2020:3637) | Nessus | Red Hat Local Security Checks | critical
140392 | RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 8 (RHSA-2020:3639) | Nessus | Red Hat Local Security Checks | critical
140390 | RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 7 (RHSA-2020:3638) | Nessus | Red Hat Local Security Checks | critical
139619 | RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.3.2 (RHSA-2020:3463) | Nessus | Red Hat Local Security Checks | critical
139618 | RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.2 (RHSA-2020:3461) | Nessus | Red Hat Local Security Checks | critical
139616 | RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.3.2 (RHSA-2020:3462) | Nessus | Red Hat Local Security Checks | critical
139129 | EulerOS 2.0 SP8 : dom4j (EulerOS-SA-2020-1799) | Nessus | Huawei Local Security Checks | critical
138511 | Oracle Primavera P6 Enterprise Project Portfolio Management Multiple Vulnerabilities (Jul 2020 CPU) | Nessus | CGI abuses | critical
137519 | EulerOS 2.0 SP2 : dom4j (EulerOS-SA-2020-1677) | Nessus | Huawei Local Security Checks | critical
137014 | EulerOS 2.0 SP5 : dom4j (EulerOS-SA-2020-1596) | Nessus | Huawei Local Security Checks | critical
136960 | openSUSE Security Update : dom4j (openSUSE-2020-719) | Nessus | SuSE Local Security Checks | critical
136201 | Debian DLA-2191-1 : dom4j security update | Nessus | Debian Local Security Checks | critical