XML External Entity Vulnerability in Autopsy by Sleuth Kit
CVE-2018-1000838

10 CRITICAL

Key Information:

Vendor: Sleuthkit

Status
Vendor
CVE Published: 20 December 2018

What is CVE-2018-1000838?

Autopsy versions prior to 4.9.0 contain an XML External Entity (XXE) vulnerability in the CaseMetadata XML parser. An attacker who supplies a specially crafted CaseMetadata XML file can potentially cause sensitive data exposure, denial of service (DoS), server-side request forgery (SSRF), and port scanning. The flaw lies in how the application processes XML input, and users should act promptly to mitigate the associated risks.

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
