Release Date: 02-Feb-2015

Last Update: –

Vendor Notification Date: 20-Jan-2015

Product: Splendid CRM Community Edition

Platform: –

Affected versions: All versions prior to 9.0.5478

Severity Rating: Medium

Impact: Local file system access

Attack Vector: Remote with authentication

Solution Status: Vendor update

CVE reference: –

Details

Importing an XML file that contains an XML external entity to the Splendid CRM application permits an attacker to retrieve a local file from the web server. The attacker must be authenticated to the administrative interface. An XML External Entity attack is an attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity such as a local file on the web server. Common targets include configuration files, e.g. ASP.NET web.config or Linux password files, e.g. /etc/shadow.

Please refer to the PDF version of this advisory for proof of concept code examples.

Solution

Update to the latest version.

Discovered By

Nathaniel Carew from Sense of Security Labs.