CVE-2018-1000632

CVSS V2 Medium 5 CVSS V3 High 7.5
Description
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.
Overview
  • CVE ID
  • CVE-2018-1000632
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2018-08-20T19:31:31
  • Last Modified Date
  • 2021-09-07T06:15:06
Weakness Enumerations
CWE URL
CWE-91 http://cwe.mitre.org/data/definitions/91.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* 1 OR 2.0.0 2.0.3
cpe:2.3:a:dom4j_project:dom4j:*:*:*:*:*:*:*:* 1 OR 2.1.0 2.1.1
AND
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* 1 OR
AND
cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* 1 OR 16.1.0.0 16.2.20.1
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* 1 OR 17.1.0.0 17.12.17.1
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* 1 OR 18.1.0.0 18.8.19.0
cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:* 1 OR 19.12.0.0 19.12.6.0
cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* 1 OR 4.3.0.2.0 4.3.0.6.0
cpe:2.3:a:oracle:utilities_framework:2.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:oracle:utilities_framework:4.4.0.2:*:*:*:*:*:*:* 1 OR
AND
cpe:2.3:a:redhat:satellite:6.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:satellite_capsule:6.6:*:*:*:*:*:*:* 1 OR
AND
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* 0 OR
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:* 1 OR
cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:P/A:N
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • NONE
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • NONE
  • Availability Impact
  • NONE
  • Base Score
  • 7.5
  • Base Severity
  • HIGH
  • Exploitability Score
  • 3.9
  • Impact Score
  • 3.6
References
Reference URL Reference Tags
https://ihacktoprotect.com/post/dom4j-xml-injection/ Exploit Third Party Advisory
https://github.com/dom4j/dom4j/issues/48 Third Party Advisory
https://github.com/dom4j/dom4j/commit/e598eb43d418744c4dbf62f647dd2381c9ce9387 Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/09/msg00028.html Mailing List Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0365 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0364 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0362 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0380 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1162 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1161 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1160 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:1159 Third Party Advisory
https://security.netapp.com/advisory/ntap-20190530-0001/ Third Party Advisory
https://lists.apache.org/thread.html/7f6e120e6ed473f4e00dde4c398fc6698eb383bd7857d20513e989ce@%3Cdev.maven.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/4a77652531d62299a30815cf5f233af183425db8e3c9a824a814e768@%3Cdev.maven.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/5a020ecaa3c701f408f612f7ba2ee37a021644c4a39da2079ed3ddbc@%3Ccommits.maven.apache.org%3E Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/00571f362a7a2470fba50a31282c65637c40d2e21ebe6ee535a4ed74@%3Ccommits.maven.apache.org%3E Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/d7d960b2778e35ec9b4d40c8efd468c7ce7163bcf6489b633491c89f@%3Cdev.maven.apache.org%3E Mailing List Third Party Advisory
https://lists.apache.org/thread.html/9d4c1af6f702c3d6d6f229de57112ddccac8ce44446a01b7937ab9e0@%3Ccommits.maven.apache.org%3E Mailing List Patch Third Party Advisory
https://lists.apache.org/thread.html/7e9e78f0e4288fac6591992836d2a80d4df19161e54bd71ab4b8e458@%3Cdev.maven.apache.org%3E Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3172 Third Party Advisory
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2020.html Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOOVVCRQE6ATFD2JM2EMDXOQXTRIVZGP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJULAHVR3I5SX7OSMXAG75IMNSAYOXGA/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://lists.apache.org/thread.html/rb1b990d7920ae0d50da5109b73b92bab736d46c9788dd4b135cb1a51@%3Cnotifications.freemarker.apache.org%3E
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2018-1000632
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000632
History
Created Old Value New Value Data Type Notes
2022-05-10 16:07:52 Added to TrackCVE
2022-12-03 11:18:05 2018-08-20T19:31Z 2018-08-20T19:31:31 CVE Published Date updated
2022-12-03 11:18:05 2021-09-07T06:15:06 CVE Modified Date updated
2022-12-03 11:18:05 Modified Vulnerability Status updated