Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-17198

Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens Roller up to SSRF / File Enumeration vulnerability. Note that this vulnerability exists even if Roller XML-RPC interface is disable via the Roller web admin UI. Mitigation: There are a couple of ways you can fix this vulnerability: 1) Upgrade to the latest version of Roller, which is now 5.2.2 2) Or, edit the Roller web.xml file and comment out the XML-RPC Servlet mapping as shown below: <!-- <servlet-mapping> <servlet-name>XmlRpcServlet</servlet-name> <url-pattern>/roller-services/xmlrpc</url-pattern> </servlet-mapping> -->

Published

2019-05-28T18:29:00.273

Last Modified

2024-11-21T03:54:04.610

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-918
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apache roller ≤ 5.1.2 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.0 Yes
Application apache roller 5.2.1 Yes
References