Lucene search

[email protected]NVD:CVE-2017-8315

HistoryApr 20, 2018 - 7:29 p.m.

CVE-2017-8315

2018-04-2019:29:00

CWE-611

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

57.8%

JSON

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.

Affected configurations

Nvd

Node

eclipseideMatch2017.2.5

VendorProductVersionCPE
eclipseide2017.2.5cpe:2.3:a:eclipse:ide:2017.2.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
eclipse	ide	2017.2.5	cpe:2.3:a:eclipse:ide:2017.2.5:::::::*

References

bugs.eclipse.org/bugs/show_bug.cgi?id=519169

research.checkpoint.com/parsedroid-targeting-android-development-research-community/

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

57.8%

JSON

Related for NVD:CVE-2017-8315

ubuntucve1 redhatcve1 cve1 debiancve1 cvelist1 prion1