Vulnerability Description
Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.
CVSS Score
6.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shopware | Shopware | < 5.3.4 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/152995/Shopware-createInstanceFromNamedArgu
- https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/ (Exploit, Third Party Advisory)
- https://demo.ripstech.com/projects/shopware_5.3.3 (Third Party Advisory)
FAQ
What is CVE-2017-18357?
CVE-2017-18357 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via...
How severe is CVE-2017-18357?
CVE-2017-18357 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2017-18357?
Check the references section above for vendor advisories and patch information. The affected product is Shopware (vendor: Shopware), versions before 5.3.4.