CVE-2012-4399
Published 2012-10-09
Priority: P2 (61), high. CVSS 3.1 base score 7.5.
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Exploit: yes
EPSS: 12.09% (95.6th percentile)
The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 allows remote attackers to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cakefoundation | cakephp | >= 2.1.0 < 2.1.5 | 2.1.5 |
| cakefoundation | cakephp | >= 2.2.0 < 2.2.1 | 2.2.1 |
| cakephp | cakephp | >= 2.1.0-alpha < 2.1.5 | 2.1.5 |
| cakephp | cakephp | >= 2.2.0-beta < 2.2.1 | 2.2.1 |
| debian | cakephp | — | — |
Detection & IOCs
- Detect XXE payloads targeting CakePHP's Xml class by inspecting HTTP request bodies for XML DOCTYPE declarations containing SYSTEM entity references to local file paths (e.g., file:///etc/passwd or file:///c:/windows/win.ini).
- The vulnerability exists specifically in CakePHP versions 2.1.x before 2.1.5 and 2.2.x before 2.2.1. Detection efforts should be scoped to environments running these affected version ranges.
- The fix was applied in versions 2.2.1 and 2.1.5; systems patched to these versions or later are not vulnerable and do not require XXE-specific mitigations for this CVE.
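A request-body check for the pattern described above, as an added Python example that is not part of this record or of CakePHP: it flags XML bodies whose DOCTYPE declares external entities and rates file:// or absolute-path targets as a local file read. The sample bodies are constructed, not captured traffic.

```python
import re
from typing import List, Tuple

# Constructed sample request bodies: one benign XML post and one carrying the
# kind of external entity declaration the advisory describes.
BENIGN_BODY = '<?xml version="1.0"?><post><title>hello</title></post>'
XXE_BODY = ('<?xml version="1.0"?>'
            '<!DOCTYPE post [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
            '<post><title>&xxe;</title></post>')

DOCTYPE_RE = re.compile(r"<!DOCTYPE\b", re.IGNORECASE)
# External entity declaration: <!ENTITY [%] name SYSTEM "uri"> or PUBLIC "id" "uri".
EXTERNAL_ENTITY_RE = re.compile(
    r'<!ENTITY\s+(?:%\s+)?(?P<name>[^\s>]+)\s+'
    r'(?:SYSTEM|PUBLIC\s+"[^"]*")\s+["\'](?P<uri>[^"\']+)["\']',
    re.IGNORECASE,
)


def find_external_entities(body: str) -> List[Tuple[str, str]]:
    """Return (entity name, URI) for every external entity declared in a DOCTYPE."""
    if not DOCTYPE_RE.search(body):
        return []
    return [(m.group("name"), m.group("uri"))
            for m in EXTERNAL_ENTITY_RE.finditer(body)]


def classify_request(body: str) -> str:
    """Rate an XML body: 'clean', 'suspicious' (external entity) or 'local-file-read'."""
    entities = find_external_entities(body)
    if not entities:
        return "clean"
    for _name, uri in entities:
        scheme = uri.split(":", 1)[0].lower() if ":" in uri else ""
        # file:// URIs, absolute POSIX paths and Windows drive paths all read local files.
        if scheme == "file" or uri.startswith("/") or re.match(r"^[a-zA-Z]:[\\/]", uri):
            return "local-file-read"
    return "suspicious"


if __name__ == "__main__":
    for label, body in (("benign", BENIGN_BODY), ("xxe", XXE_BODY)):
        print(label, classify_request(body), find_external_entities(body))
```

Wire `classify_request` into whatever inspects inbound request bodies for the affected CakePHP versions; anything other than "clean" deserves a log line and, for "local-file-read", a block.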
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| vendor_debian | — | 7.5 | LOW | — |
Debian
CVE-2012-4399 [HIGH]: cakephp
vendor_debian · 2012 · CVSS 7.5
Scope: local
bullseye: resolved
GHSA
CVE-2012-4399 [HIGH] CWE-611: CakePHP allows remote attackers to read arbitrary files via XML data containing external entity references
ghsa · 2022-05-17
OSV
CVE-2012-4399 [HIGH]: CakePHP allows remote attackers to read arbitrary files via XML data containing external entity references
osv · 2022-05-17
No detection rules found.
No writeups or analysis indexed.
References
- http://bakery.cakephp.org/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
- http://seclists.org/bugtraq/2012/Jul/101
- http://secunia.com/advisories/49900
- http://www.exploit-db.com/exploits/19863
- http://www.openwall.com/lists/oss-security/2012/09/03/1
- http://www.openwall.com/lists/oss-security/2012/09/03/2
- http://www.osvdb.org/84042