CVE-2023-26058
XML External Entity (XXE) Vulnerability in Nokia NetAct
| Public disclosure | 28-02-2023 |
|---|---|
| Last updated | 28-02-2023 |
| Vulnerability type | XML External Entity (XXE) |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| CVSS score | 6.5 |
Description
Input validation and XML parser configuration were insufficient in NetAct. XML files can be uploaded on the Configuration Dashboard page, and because external entity support was enabled, the parser processes such files, which can potentially be exploited for arbitrary file read and SSRF.
This vulnerability is very difficult to exploit from outside, because a few dynamically created parameters (e.g. Jsession-id, CSRF token and Nxsrf tokens) would be needed. The attack can only be performed by an internal user.
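The mitigation for this class of bug is to configure the parser so that DOCTYPE and entity declarations are refused before any external reference can be resolved. The following is an added example, not Nokia's or NetAct's code: a defensive gate for an XML upload endpoint, written against Python's standard-library expat parser (NetAct's own implementation is not described on this page), with constructed sample documents.

```python
import xml.parsers.expat


class UnsafeXmlError(ValueError):
    """Raised when an upload contains constructs a configuration file never needs."""


def parse_config_upload(data: bytes) -> dict:
    """Parse an uploaded XML document, refusing DOCTYPE and entity declarations.

    Returns {'root': <root tag>, 'elements': <element count>}. Any <!DOCTYPE>
    or <!ENTITY> declaration aborts parsing before the parser gets a chance to
    fetch a file path or URL named in an external entity, which closes both the
    arbitrary-file-read and the SSRF path of an XXE.
    """
    parser = xml.parsers.expat.ParserCreate()
    # Belt and braces: never resolve parameter entities even if a DTD slipped through.
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)
    summary = {"root": None, "elements": 0}

    def reject_doctype(doctype_name, system_id, public_id, has_internal_subset):
        # Fires on <!DOCTYPE ...>, before any internal subset is processed.
        raise UnsafeXmlError(f"DOCTYPE declaration rejected: {doctype_name}")

    def reject_entity(*_args):
        raise UnsafeXmlError("entity declaration rejected")

    def on_start(name, _attrs):
        if summary["root"] is None:
            summary["root"] = name
        summary["elements"] += 1

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.EntityDeclHandler = reject_entity
    parser.ExternalEntityRefHandler = lambda *_a: False  # refuse any external load
    parser.StartElementHandler = on_start
    parser.Parse(data, True)  # an exception raised in a handler propagates from here
    return summary


def is_safe_upload(data: bytes) -> bool:
    """Convenience wrapper for an upload handler: True only if the file parses cleanly."""
    try:
        parse_config_upload(data)
        return True
    except (UnsafeXmlError, xml.parsers.expat.ExpatError):
        return False


# Constructed samples (not from the advisory).
BENIGN_SAMPLE = b'<?xml version="1.0"?><config><cell id="1"/><cell id="2"/></config>'
DOCTYPE_SAMPLE = (b'<?xml version="1.0"?><!DOCTYPE config [<!ENTITY ext SYSTEM '
                  b'"file:///placeholder-path">]><config>&ext;</config>')
```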
Affected products and versions
| Product | Versions |
|---|---|
| NetAct | NetAct 20, NetAct 22 |
Mitigation plan
A fix has been provided on top of NetAct 22.
Acknowledgements
- Vladimir Razov from Positive Technologies
- Aleksandr Ustinov from Positive Technologies
References
Change history: Initial version published on 28-02-2023