CVE-2023-20052

Summary

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. An attacker could exploit this vulnerability by submitting a crafted DMG file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to leak bytes from any file that may be read by the ClamAV scanning process.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Endpoint6.0.9affected
CiscoCisco Secure Endpoint6.0.7affected
CiscoCisco Secure Endpoint6.1.5affected
CiscoCisco Secure Endpoint6.1.7affected
CiscoCisco Secure Endpoint6.1.9affected
CiscoCisco Secure Endpoint6.2.1affected
CiscoCisco Secure Endpoint6.2.5affected
CiscoCisco Secure Endpoint6.2.19affected
CiscoCisco Secure Endpoint6.2.9affected
CiscoCisco Secure Endpoint6.3.5affected
CiscoCisco Secure Endpoint6.3.1affected
CiscoCisco Secure Endpoint6.3.7affected
CiscoCisco Secure Endpoint6.3.3affected
CiscoCisco Secure Endpoint7.0.5affected
CiscoCisco Secure Endpoint7.1.1affected
CiscoCisco Secure Endpoint7.1.5affected
CiscoCisco Secure Endpoint1.12.1affected
CiscoCisco Secure Endpoint1.12.2affected
CiscoCisco Secure Endpoint1.12.5affected
CiscoCisco Secure Endpoint1.12.0affected
CiscoCisco Secure Endpoint1.12.6affected
CiscoCisco Secure Endpoint1.12.3affected
CiscoCisco Secure Endpoint1.12.7affected
CiscoCisco Secure Endpoint1.12.4affected
CiscoCisco Secure Endpoint1.13.0affected
CiscoCisco Secure Endpoint1.13.1affected
CiscoCisco Secure Endpoint1.13.2affected
CiscoCisco Secure Endpoint1.11.0affected
CiscoCisco Secure Endpoint1.10.2affected
CiscoCisco Secure Endpoint1.10.1affected
CiscoCisco Secure Endpoint1.10.0affected
CiscoCisco Secure Endpoint1.14.0affected
CiscoCisco Secure Endpoint1.6.0affected
CiscoCisco Secure Endpoint1.9.0affected
CiscoCisco Secure Endpoint1.9.1affected
CiscoCisco Secure Endpoint1.8.1affected
CiscoCisco Secure Endpoint1.8.0affected
CiscoCisco Secure Endpoint1.8.4affected
CiscoCisco Secure Endpoint1.7.0affected
CiscoCisco Secure Endpoint7.2.13affected
CiscoCisco Secure Endpoint7.2.7affected
CiscoCisco Secure Endpoint7.2.3affected
CiscoCisco Secure Endpoint7.2.11affected
CiscoCisco Secure Endpoint7.2.5affected
CiscoCisco Secure Endpoint7.3.3affected
CiscoCisco Secure Endpoint7.3.5affected

Weaknesses

  • CWE-611: Improper Restriction of XML External Entity Reference

ADP Enrichment

CVE Program Container

Additional References

References