Vulnerability identifier: #VU13328
Vulnerability risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID: CWE-611
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software: SearchBlox (Client/Desktop applications / Other client software)
Vendor: SearchBlox
Description
The vulnerability allows a remote attacker to conduct an XXE attack on the target system.
The vulnerability exists due to an XML external entity (XXE) weakness in the api/rest/status endpoint: XML request bodies are parsed with DTD processing enabled. A remote attacker can submit a specially crafted DTD in an XML request and read arbitrary files or conduct server-side request forgery (SSRF) attacks.
Mitigation
Install update from vendor's website.
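The defensive counterpart to the DTD-based XXE described above, as an added example that is not SearchBlox's code: a request-body parser that refuses any DOCTYPE, entity declaration or external entity reference before the document is processed, using only the standard library. The function names, the element names and the XML bodies are constructed for this example and are not taken from the product.

```python
import xml.parsers.expat


class DtdRejected(ValueError):
    """Raised when a request body declares a DTD, an entity or an external reference."""


def parse_status_request(body: bytes) -> dict:
    """Parse a small XML request body into {tag: text}, refusing all DTD constructs.

    Rejection happens inside the expat callbacks, so no entity is ever resolved
    and no file or network access can be triggered by the document.
    """
    parser = xml.parsers.expat.ParserCreate()
    result, stack = {}, []

    def refuse(reason):
        def handler(*_args):
            raise DtdRejected(reason)   # exceptions from handlers abort Parse()
        return handler

    parser.StartDoctypeDeclHandler = refuse("DOCTYPE declarations are not accepted")
    parser.EntityDeclHandler = refuse("entity declarations are not accepted")
    parser.ExternalEntityRefHandler = refuse("external entity references are not accepted")

    def start(name, _attrs):
        stack.append([name, []])

    def chars(data):
        if stack:
            stack[-1][1].append(data)

    def end(_name):
        tag, chunks = stack.pop()
        text = "".join(chunks).strip()
        if text:
            result[tag] = text

    parser.StartElementHandler = start
    parser.CharacterDataHandler = chars
    parser.EndElementHandler = end
    parser.Parse(body, True)
    return result


def is_rejected(body: bytes) -> bool:
    """True if the body is refused by the DTD gate, False if it parses cleanly."""
    try:
        parse_status_request(body)
    except DtdRejected:
        return True
    return False


# Constructed sample bodies (not captured traffic).
SAFE_BODY = b"<status><query>index health</query></status>"
DTD_BODY = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE status [<!ENTITY ext SYSTEM "file:///CONSTRUCTED-PLACEHOLDER">]>'
            b"<status>&ext;</status>")
```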
Vulnerable software versions
SearchBlox: 8.6.7
External links
http://gurelahmet.com/searchblox-8-6-7-out-of-band-xml-external-entity-oob-xxe-cve-2018-11586/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.