A vulnerability classified as critical was found in Restlet Framework up to 2.3.10. Affected by this vulnerability is an unknown code of the component SimpleXMLProvider. The manipulation as part of a REST API HTTP Request leads to a xml external entity reference vulnerability. The CWE definition for the vulnerability is CWE-611. The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP request. This affects use of the Jax-rs extension.

The bug was discovered 10/02/2017. The weakness was disclosed 11/30/2017 (Website). It is possible to read the advisory at github.com. This vulnerability is known as CVE-2017-14868 since 09/28/2017. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. The technical details are unknown and an exploit is not publicly available.

The vulnerability was handled as a non-public zero-day exploit for at least 59 days. During that time the estimated underground price was around $0-$5k.

Upgrading to version 2.3.11 eliminates this vulnerability.

The entry 110108 is pretty similar.

Productinfo

Vendor

• Restlet

Name

• Framework

Version

• 2.3.0
• 2.3.1
• 2.3.2
• 2.3.3
• 2.3.4
• 2.3.5
• 2.3.6
• 2.3.7
• 2.3.8
• 2.3.9
• 2.3.10

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion