CVE-2014-3005 - Improper Restriction of XML External Entity Reference

Severity

75%

Complexity

99%

Confidentiality

106%

XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.

XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.

CVSS 3.0 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 7 years ago

2018-02-01 17:29:00

Last updated 7 years ago

2018-02-21 14:57:00

Affected Software

ZABBIX 1.8

1.8

ZABBIX 1.8.1

1.8.1

ZABBIX 1.8.2

1.8.2

ZABBIX 1.8.16

1.8.16

ZABBIX 1.8.18

1.8.18

ZABBIX 1.8.19

1.8.19

ZABBIX 2.0.0

2.0.0

ZABBIX 2.0.1

2.0.1

ZABBIX 2.0.2

2.0.2

ZABBIX 2.0.3

2.0.3

ZABBIX 2.0.4

2.0.4

ZABBIX 2.0.5

2.0.5

ZABBIX 2.0.6

2.0.6

Zabbix 2.2.4

2.2.4

ZABBIX 2.3.0

2.3.0

ZABBIX 2.3.1

2.3.1

Fedora 19

19

Fedora 20

20

References

FEDORA-2014-7594

Third Party Advisory

FEDORA-2014-7603

Third Party Advisory

20140617 [CVE-2014-3005]Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack

Mailing List, Third Party Advisory

68075

Third Party Advisory, VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1110496

Issue Tracking, Third Party Advisory

https://support.zabbix.com/browse/ZBX-8151

Exploit, Patch, Vendor Advisory

https://web.archive.org/web/20140622034155/http://www.pnigos.com:80/?p=273

Exploit, Third Party Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.