Vulnerability Name: CVE-2013-6429 (CCN-90451)

Assigned: 2013-11-04
Published: 2014-01-14
Updated: 2022-04-11
Summary: The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-352
CWE-611
Vulnerability Consequences: Obtain Information
References:

Source: CCN
Type: Debian Bug report logs - #735420
libspring-java: CVE-2013-6429 CVE-2013-6430

Source: MITRE
Type: CNA
CVE-2013-6429

Source: REDHAT
Type: Third Party Advisory
RHSA-2014:0400

Source: CCN
Type: SA56388
Spring Framework SourceHttpMessageConverter XML Entity References Information Disclosure Vulnerability

Source: SECUNIA
Type: Third Party Advisory
57915

Source: CCN
Type: Pivotal Web site
CVE-2013-6429 Fix for XML External Entity (XXE) Injection (CVE-2013-4152) in Spring Framework was Incomplete

Source: CONFIRM
Type: Third Party Advisory
http://www.gopivotal.com/security/cve-2013-6429

Source: CCN
Type: IBM Security Bulletin 1687759
IBM Algo One Counterparty Credit Risk is affected by Open Source Spring Framework vulnerabilities (CVE-2013-6429 & CVE-2013-6430)

Source: CCN
Type: IBM Security Bulletin 1989676 (WebSphere Portal)
Security Vulnerabilities in Spring Framework affect IBM WebSphere Portal

Source: CCN
Type: IBM Security Bulletin 2013753 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20140114 CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete

Source: BID
Type: Third Party Advisory, VDB Entry
64947

Source: CCN
Type: BID-64947
Spring Framework CVE-2013-6429 Multiple XML External Entity Injection Vulnerabilities

Source: CCN
Type: SpringSource Web site
Spring Framework

Source: XF
Type: UNKNOWN
spring-framework-cve20146429-info-disc(90451)

Source: CONFIRM
Type: Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

Source: CONFIRM
Type: Third Party Advisory, Vendor Advisory
https://jira.springsource.org/browse/SPR-11078?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel

Source: CCN
Type: IBM Security Bulletin 0872142 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6857863 (MobileFirst Platform Foundation)
Multiple vulnerabilities found on thirdparty libraries used by IBM MobileFirst Platform

Source: CCN
Type: IBM Security Bulletin 6955033 (Security Directory Integrator)
IBM Security Directory Integrator is affected by multiple security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7001693 (Security Directory Suite VA)
IBM Security Directory Suite is vulnerable to multiple issues

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-6429

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:vmware:spring_framework:4.0.0:milestone1:*:*:*:*:*:*
  • OR cpe:/a:vmware:spring_framework:4.0.0:milestone2:*:*:*:*:*:*
  • OR cpe:/a:vmware:spring_framework:4.0.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:pivotal_software:spring_framework:*:*:*:*:*:*:*:* (Version >= 3.0.0 and <= 3.2.4)

  Configuration CCN 1:
  • cpe:/a:springsource:spring_framework:3.2.4:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:websphere_portal:8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_guardium_big_data_intelligence:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:mobilefirst_platform_foundation:8.0.0:*:*:*:*:*:*:*

  * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.mitre.oval:def:22246 | P | DSA-2857-1 libspring-java - several | 2014-06-23
    oval:com.ubuntu.cosmic:def:201364290000000 | V | CVE-2013-6429 on Ubuntu 18.10 (cosmic) - medium. | 2014-01-26
    oval:com.ubuntu.artful:def:20136429000 | V | CVE-2013-6429 on Ubuntu 17.10 (artful) - medium. | 2014-01-26
    oval:com.ubuntu.trusty:def:20136429000 | V | CVE-2013-6429 on Ubuntu 14.04 LTS (trusty) - medium. | 2014-01-26
    oval:com.ubuntu.bionic:def:201364290000000 | V | CVE-2013-6429 on Ubuntu 18.04 LTS (bionic) - medium. | 2014-01-26
    oval:com.ubuntu.bionic:def:20136429000 | V | CVE-2013-6429 on Ubuntu 18.04 LTS (bionic) - medium. | 2014-01-26
    oval:com.ubuntu.xenial:def:20136429000 | V | CVE-2013-6429 on Ubuntu 16.04 LTS (xenial) - medium. | 2014-01-26
    oval:com.ubuntu.xenial:def:201364290000000 | V | CVE-2013-6429 on Ubuntu 16.04 LTS (xenial) - medium. | 2014-01-26
    oval:com.ubuntu.cosmic:def:20136429000 | V | CVE-2013-6429 on Ubuntu 18.10 (cosmic) - medium. | 2014-01-26
    oval:com.ubuntu.precise:def:20136429000 | V | CVE-2013-6429 on Ubuntu 12.04 LTS (precise) - medium. | 2014-01-26
    vmware spring framework 4.0.0 milestone1
    vmware spring framework 4.0.0 milestone2
    vmware spring framework 4.0.0 rc1
    pivotal_software spring framework *
    springsource spring framework 3.2.4
    ibm websphere portal 8.0
    ibm websphere portal 8.5
    ibm security identity governance and intelligence 5.2
    ibm security identity governance and intelligence 5.2.1
    ibm security guardium big data intelligence 3.1
    ibm security identity governance and intelligence 5.2.2
    ibm security identity governance and intelligence 5.2.2.1
    ibm security identity governance and intelligence 5.2.3
    ibm security identity governance and intelligence 5.2.3.1
    ibm security identity governance and intelligence 5.2.3.2
    ibm security identity governance and intelligence 5.2.4
    ibm security identity governance and intelligence 5.2.4.1
    ibm mobilefirst platform foundation 8.0.0