CVE-2013-6429

MEDIUM severity · CVSS 6.8 · Cross-site request forgery (CSRF)

6.8CVSS MEDIUM

Summary

The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.

Impact & exploitability

Attack vectorNetwork

Attack complexity—

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)39%

AV:N/AC:M/Au:N/C:P/I:P/A:P

Affected products we track (1)

Spring Framework

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information

NVD record
https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanelAdvisory
http://rhn.redhat.com/errata/RHSA-2014-0400.htmlAdvisory
http://secunia.com/advisories/57915Advisory
http://www.gopivotal.com/security/cve-2013-6429Advisory
http://www.securityfocus.com/archive/1/530770/100/0/threadedAdvisory
http://www.securityfocus.com/bid/64947Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755Advisory
http://rhn.redhat.com/errata/RHSA-2014-0400.htmlAdvisory