CISA warns that the leading enterprise document management system is open to attack and urges customers to apply the fixes.
Xerox has issued a fix for two vulnerabilities affecting its industry-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare customers to an attack resulting in the loss of sensitive data.
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and administrators to apply a patch that closes two security holes in recent versions (6.6.1, 7.0 and 7.5) of Xerox's DocuShare. The vulnerability is rated high severity.
Tracked as CVE-2020-27177, the vulnerabilities, according to Xerox, expose DocuShare users on Solaris, Linux and Windows to both a server-side request forgery (SSRF) attack and an unauthenticated XML external entity injection (XXE) attack. Xerox issued its security advisory (XRX20W) on November 30.
Xerox did not share details of the bugs or possible attack scenarios. In its "Mini Bulletin" it provided links to hotfix tarballs addressing the bugs in the affected Solaris, Linux and Windows versions of DocuShare.
However, a hotfix for the Solaris version of DocuShare 7.5 is not available. Xerox did not return press inquiries before this article was published.
Potential Attack Vectors
An SSRF vulnerability would allow an attacker to abuse functionality on the server hosting the software-as-a-service (SaaS) DocuShare. A successful SSRF attack typically allows an adversary to read or update internal resources.
"The attacker can supply or modify a URL which the code running on the server will read or submit data to, and by carefully selecting the URLs, the attacker may be able to read server configuration such as AWS metadata, connect to internal services like http enabled databases or perform post requests towards internal services which are not intended to be exposed," according to an OWASP Foundation description of an SSRF attack.
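The check that closes off the scenario OWASP describes above, as an added example (it is not Xerox, DocuShare or OWASP code and says nothing about how the DocuShare bug itself works): before a server fetches a user-supplied URL, it should allow only http(s), refuse credentials in the authority, resolve the host and refuse if any resolved address is loopback, private, link-local (where the AWS metadata service at 169.254.169.254 lives), multicast, reserved or unspecified. The DNS table and host names in the block are constructed for the demo; the caller is expected to connect to one of the returned addresses rather than resolve the name again, which closes the DNS-rebinding window.

```python
"""SSRF egress check: reject URLs that would reach internal or metadata addresses.

Added example using only the Python standard library. Not code from Xerox,
DocuShare or OWASP; FAKE_DNS and the *.test host names are constructed.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def resolve_all(host):
    """Return every address the host resolves to (A and AAAA).

    IP literals are returned as-is, so no DNS lookup is needed for them.
    """
    try:
        return {ipaddress.ip_address(host)}
    except ValueError:
        pass
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror as exc:
        raise ValueError(f"cannot resolve {host!r}") from exc
    # Strip a possible IPv6 scope id ("fe80::1%eth0") before parsing.
    return {ipaddress.ip_address(info[4][0].split("%")[0]) for info in infos}


def is_public_address(addr):
    """True only for addresses that are routable on the public internet."""
    # An IPv4-mapped IPv6 literal such as ::ffff:169.254.169.254 is a classic
    # filter bypass; judge it by the embedded IPv4 address instead.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not (addr.is_private or addr.is_loopback or addr.is_link_local
                or addr.is_multicast or addr.is_reserved or addr.is_unspecified)


def check_outbound_url(url, resolver=resolve_all):
    """Validate a user-supplied URL; return the pinned addresses to connect to.

    Raises ValueError with the reason when the URL must not be fetched.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        # http://docs.example.test@10.20.30.40/ puts the real host after '@'.
        raise ValueError("credentials in the URL authority are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    addrs = resolver(host)
    blocked = sorted(str(a) for a in addrs if not is_public_address(a))
    if blocked:
        # One internal answer is enough to refuse the whole request.
        raise ValueError(f"{host!r} resolves to non-public address(es): {blocked}")
    return sorted(str(a) for a in addrs)


def is_allowed(url, resolver=resolve_all):
    """Boolean convenience wrapper around check_outbound_url."""
    try:
        check_outbound_url(url, resolver)
        return True
    except ValueError:
        return False


# Constructed DNS table (hypothetical names) so the demo runs offline. The
# last entry mimics a rebinding-style host that answers with a public and an
# internal address.
FAKE_DNS = {
    "docs.example.test": ["93.184.216.34"],
    "db.internal.test": ["10.20.30.40"],
    "rebind.attacker.test": ["93.184.216.34", "127.0.0.1"],
}


def table_resolver(host):
    """Resolver backed by FAKE_DNS; IP literals still resolve to themselves."""
    try:
        return {ipaddress.ip_address(host)}
    except ValueError:
        if host not in FAKE_DNS:
            raise ValueError(f"cannot resolve {host!r}")
        return {ipaddress.ip_address(a) for a in FAKE_DNS[host]}


if __name__ == "__main__":
    for candidate in [
        "https://docs.example.test/report.pdf",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::ffff:169.254.169.254]/latest/meta-data/",
        "http://docs.example.test@10.20.30.40/",
        "http://db.internal.test:5984/_all_dbs",
        "http://rebind.attacker.test/",
        "file:///etc/passwd",
    ]:
        try:
            print("ALLOW", candidate, "->", check_outbound_url(candidate, table_resolver))
        except ValueError as exc:
            print("BLOCK", candidate, "->", exc)
```

Two design points: the check refuses a host as soon as one of its answers is internal, because an attacker who controls the name's DNS can mix public and private answers; and it hands back the addresses it validated so the HTTP client can connect to exactly those, since a second lookup at connect time could return something different.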
An XXE is a type of attack against an application that parses XML input. "This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser," OWASP explains.
A successful XXE attack would allow a cybercriminal to gain access to confidential data and could also facilitate attacks that include: "denial of service, server side request forgery and port scanning from the perspective of the machine where the parser is located," according to OWASP.
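What "weakly configured XML parser" means in practice, as an added example that is not Xerox, DocuShare or OWASP code and does not reproduce the DocuShare bug itself: the same crafted document is fed to a parser that resolves external general entities and leaks a local file, and to a hardened parser that refuses any DOCTYPE before an entity can be declared. It uses only the Python standard library; the "secret" file, its contents and the payload are constructed for the demo.

```python
"""XXE: one crafted document through a permissive and a hardened XML parser.

Added example, standard library only. Not code from Xerox, DocuShare or OWASP.
The permissive parser turns external general entities on (Python's default
before 3.7.1, and still the default in a number of other XML stacks) and so
reads whatever file the attacker names. The hardened parser rejects the
DOCTYPE outright, which removes external entities, parameter entities and
entity-expansion ("billion laughs") denial of service in one move.
"""
import io
import pathlib
import tempfile
import xml.sax
from xml.sax import handler

SECRET = "s3cr3t-token-for-demo"  # constructed; stands in for e.g. /etc/passwd


class DtdNotAllowed(xml.sax.SAXException):
    """Raised by the hardened parser as soon as a DOCTYPE is seen."""


class TextCollector(handler.ContentHandler):
    """Collects character data, the way a naive document importer would."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


class RejectDtd:
    """SAX lexical handler whose only job is to abort on <!DOCTYPE ...>."""

    def startDTD(self, name, public_id, system_id):
        raise DtdNotAllowed(f"DOCTYPE {name!r} rejected: DTDs are not accepted")

    def endDTD(self):
        pass

    def comment(self, content):
        pass

    def startCDATA(self):
        pass

    def endCDATA(self):
        pass


def build_payload(secret_uri):
    """Classic XXE payload: an external entity whose value is a local file."""
    return (
        '<?xml version="1.0"?>\n'
        f'<!DOCTYPE doc [<!ENTITY xxe SYSTEM "{secret_uri}">]>\n'
        "<doc>&xxe;</doc>\n"
    ).encode()


def parse_permissive(xml_bytes):
    """Weakly configured parser: resolves external general entities."""
    collector = TextCollector()
    parser = xml.sax.make_parser()
    parser.setContentHandler(collector)
    parser.setFeature(handler.feature_external_ges, True)  # the weak setting
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.chunks)


def parse_hardened(xml_bytes):
    """Hardened parser: no DTD at all, so no entity of any kind can be declared."""
    collector = TextCollector()
    parser = xml.sax.make_parser()
    parser.setContentHandler(collector)
    parser.setFeature(handler.feature_external_ges, False)
    parser.setFeature(handler.feature_external_pes, False)
    parser.setProperty(handler.property_lexical_handler, RejectDtd())
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(collector.chunks)


def run_demo():
    """Return (text the permissive parser produced, whether hardened blocked it)."""
    with tempfile.TemporaryDirectory() as tmp:
        secret_file = pathlib.Path(tmp) / "secret.txt"
        secret_file.write_text(SECRET)
        payload = build_payload(secret_file.as_uri())
        leaked = parse_permissive(payload)
        try:
            parse_hardened(payload)
            blocked = False
        except DtdNotAllowed:
            blocked = True
    return leaked, blocked


if __name__ == "__main__":
    leaked, blocked = run_demo()
    print("permissive parser returned:", repr(leaked))
    print("hardened parser blocked the DOCTYPE:", blocked)
    print("hardened parser on plain XML:", parse_hardened(b"<doc>hello</doc>"))
```

Rejecting the DOCTYPE is the durable fix because every XXE variant, including the SSRF and port-scanning uses OWASP lists, needs an entity declaration to hang off; simply leaving external entities disabled is also correct, but it is a per-parser setting that is easy to flip back or to miss in a different library. Applications that do need DTDs should use a library that offers this kind of hardening by default.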
Bug hunter Julien Ahrens (@MrTuxracer) is credited with finding the bug and bringing it to Xerox's attention.
Xerox DocuShare is an enterprise document management system used by mid-sized and large businesses. The document management system market, worth $41.65 billion in 2019, is dominated by firms such as Xerox, IBM, Oracle and OpenText.