CVE-2022-1700 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2022-1700?

CVE-2022-1700 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-1700?

Check the references section above for vendor advisories and patch information. Affected products include: Forcepoint Cloud Security Gateway, Forcepoint Data Loss Prevention, Forcepoint Email Security, Forcepoint One Endpoint With Policy Engine, Forcepoint Web Security Content Gateway.

Vulnerability Description

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTD (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2. Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2. Forcepoint Web Security Content Gateway versions prior to 8.5.5. Forcepoint Email Security with DLP enabled versions prior to 8.5.5. Forcepoint Cloud Security Gateway prior to June 20, 2022.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Forcepoint	Cloud Security Gateway	< 2022-06-20
Forcepoint	Data Loss Prevention	< 8.8.2
Forcepoint	Email Security	< 8.5.5
Forcepoint	One Endpoint With Policy Engine	< 8.8.2
Forcepoint	Web Security Content Gateway	< 8.5.5

Related Weaknesses (CWE)

CWE-611

References

https://help.forcepoint.com/security/CVE/CVE-2022-1700.htmlMitigationVendor Advisory
https://help.forcepoint.com/security/CVE/CVE-2022-1700.htmlMitigationVendor Advisory

FAQ

What is CVE-2022-1700?

CVE-2022-1700 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web...

How severe is CVE-2022-1700?

CVE-2022-1700 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-1700?

Check the references section above for vendor advisories and patch information. Affected products include: Forcepoint Cloud Security Gateway, Forcepoint Data Loss Prevention, Forcepoint Email Security, Forcepoint One Endpoint With Policy Engine, Forcepoint Web Security Content Gateway.