#VU8157 XXE attack in Cisco SocialMiner
Vulnerability identifier: #VU8157
Vulnerability risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-611
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco SocialMiner
Web applications /
E-Commerce systems
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to conduct XXE attack.
The weakness exists in the encryption library due to improper handling of XML External Entity (XXE) entries when parsing an XML file. A remote attacker can send manipulated XML data and gain read and write access to information or execute arbitrary code on the target system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Cisco SocialMiner: 11.6.1
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-socmin
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
