Details of VAR-202209-0654

ID

VAR-202209-0654

CVE

CVE-2022-1700

TITLE

plural Forcepoint LLC. In the product XML External entity vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2022-016914

DESCRIPTION

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20, 2022. The XML parser in the Policy Engine was found to be improperly configured to support external entities and external DTD (Document Type Definitions), which can lead to an XXE attack. This issue affects: Forcepoint Data Loss Prevention (DLP) versions prior to 8.8.2. Forcepoint One Endpoint (F1E) with Policy Engine versions prior to 8.8.2. Forcepoint Web Security Content Gateway versions prior to 8.5.5. Forcepoint Email Security with DLP enabled versions prior to 8.5.5. Forcepoint Cloud Security Gateway prior to June 20, 2022. multiple Forcepoint LLC. The product has XML There is a vulnerability in an external entity.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-1700 // JVNDB: JVNDB-2022-016914 // VULHUB: VHN-419813

AFFECTED PRODUCTS

vendor:	forcepoint	model:	cloud security gateway	scope:	lt	version:	2022-06-20	Trust: 1.0
vendor:	forcepoint	model:	email security	scope:	lt	version:	8.5.5	Trust: 1.0
vendor:	forcepoint	model:	one endpoint with policy engine	scope:	lt	version:	8.8.2	Trust: 1.0
vendor:	forcepoint	model:	web security content gateway	scope:	lt	version:	8.5.5	Trust: 1.0
vendor:	forcepoint	model:	data loss prevention	scope:	lt	version:	8.8.2	Trust: 1.0
vendor:	forcepoint	model:	cloud security gateway	scope:	-	version:	-	Trust: 0.8
vendor:	forcepoint	model:	web security content gateway	scope:	-	version:	-	Trust: 0.8
vendor:	forcepoint	model:	data loss prevention	scope:	-	version:	-	Trust: 0.8
vendor:	forcepoint	model:	email security	scope:	-	version:	-	Trust: 0.8
vendor:	forcepoint	model:	one endpoint with policy engine	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-016914 // NVD: CVE-2022-1700

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-1700
value:	CRITICAL
Trust: 1.0
psirt@forcepoint.com:	CVE-2022-1700
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-1700
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-202209-726
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2022-1700
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
psirt@forcepoint.com:	CVE-2022-1700
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2022-1700
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-016914 // CNNVD: CNNVD-202209-726 // NVD: CVE-2022-1700 // NVD: CVE-2022-1700

PROBLEMTYPE DATA

problemtype:	CWE-611	Trust: 1.1
problemtype:	XML Improper restriction of external entity references (CWE-611) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-419813 // JVNDB: JVNDB-2022-016914 // NVD: CVE-2022-1700

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202209-726

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202209-726

PATCH

title:

Forcepoint Data Loss Prevention Fixes for code issue vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=207863

Trust: 0.6

sources: CNNVD: CNNVD-202209-726

EXTERNAL IDS

db:	NVD	id:	CVE-2022-1700	Trust: 3.3
db:	JVNDB	id:	JVNDB-2022-016914	Trust: 0.8
db:	CNNVD	id:	CNNVD-202209-726	Trust: 0.7
db:	VULHUB	id:	VHN-419813	Trust: 0.1

sources: VULHUB: VHN-419813 // JVNDB: JVNDB-2022-016914 // CNNVD: CNNVD-202209-726 // NVD: CVE-2022-1700

REFERENCES

url:	https://help.forcepoint.com/security/cve/cve-2022-1700.html	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2022-1700	Trust: 0.8
url:	https://vigilance.fr/vulnerability/forcepoint-dlp-external-xml-entity-injection-39253	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-1700/	Trust: 0.6

sources: VULHUB: VHN-419813 // JVNDB: JVNDB-2022-016914 // CNNVD: CNNVD-202209-726 // NVD: CVE-2022-1700

SOURCES

db:	VULHUB	id:	VHN-419813
db:	JVNDB	id:	JVNDB-2022-016914
db:	CNNVD	id:	CNNVD-202209-726
db:	NVD	id:	CVE-2022-1700

LAST UPDATE DATE

2024-08-14T15:32:32.836000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-419813	date:	2022-09-15T00:00:00
db:	JVNDB	id:	JVNDB-2022-016914	date:	2023-10-06T08:13:00
db:	CNNVD	id:	CNNVD-202209-726	date:	2022-09-16T00:00:00
db:	NVD	id:	CVE-2022-1700	date:	2022-09-15T18:05:38.843

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-419813	date:	2022-09-12T00:00:00
db:	JVNDB	id:	JVNDB-2022-016914	date:	2023-10-06T00:00:00
db:	CNNVD	id:	CNNVD-202209-726	date:	2022-09-12T00:00:00
db:	NVD	id:	CVE-2022-1700	date:	2022-09-12T19:15:08.603