NVD Vulnerability Detail

CVE-2017-8056

Summary	WatchGuard Fireware v11.12.1 and earlier mishandles requests referring to an XML External Entity (XXE), in the XML-RPC agent. This causes the Firebox wgagent process to crash. This process crash ends all authenticated sessions to the Firebox, including management connections, and prevents new authenticated sessions until the process has recovered. The Firebox may also experience an overall degradation in performance while the wgagent process recovers. An attacker could continuously send XML-RPC requests that contain references to external entities to perform a limited Denial of Service (DoS) attack against an affected Firebox.
Publication Date	April 23, 2017, 7:59 a.m.
Registration Date	Jan. 26, 2021, 1:29 p.m.
Last Update	Nov. 21, 2024, 12:33 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:watchguard:fireware::::::::			11.2.1

Related information, measures and tools

No	URL	タグ
1	http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000KlBSAU	Vendor Advisory
2	http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000KlBSAU	Vendor Advisory
3	https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt	Exploit Third Party Advisory VDB Entry
4	https://packetstormsecurity.com/files/142177/watchguardfbxtm-xxeinject.txt	Exploit Third Party Advisory VDB Entry
5	https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia	Exploit Third Party Advisory
6	https://www.sidertia.com/Home/Community/Blog/2017/04/17/Fixed-the-Fireware-Vulnerabilities-discovered-by-Sidertia	Exploit Third Party Advisory
7	https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html	Release Notes Vendor Advisory
8	https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html	Release Notes Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-611	XML 外部エンティティ参照の不適切な制限	https://cwe.mitre.org/data/definitions/611.html

JVN Vulnerability Information

WatchGuard Fireware における XML 外部エンティティの脆弱性

Title	WatchGuard Fireware における XML 外部エンティティの脆弱性
Summary	WatchGuard Fireware には、XML 外部エンティティの脆弱性が存在します。
Possible impacts	サービス運用妨害 (DoS) 攻撃が行われる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 11, 2017, midnight
Registration Date	May 24, 2017, 6:15 p.m.
Last Update	May 24, 2017, 6:15 p.m.

Affected System

ウォッチガード・テクノロジー

WatchGuard Fireware 11.12.1 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2017-8056	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8056
National Vulnerability Database (NVD)
2	CVE-2017-8056	https://nvd.nist.gov/vuln/detail/CVE-2017-8056

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-611	https://cwe.mitre.org/data/definitions/611.html

ベンダー情報

No	Name	URL
WatchGuard
1	Firebox XML-RPC XXE Denial of Service Vulnerability	http://watchguardsupport.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000KlBSAU
2	Fireware v11.12.2 Update 1 Release Notes	https://www.watchguard.com/support/release-notes/fireware/11/en-US/EN_ReleaseNotes_Fireware_11_12_2/index.html

Change Log

No	Changed Details	Date of change
0	[2017年05月24日] 掲載	Feb. 17, 2018, 10:37 a.m.