Improper XML External Entity Handling in Forcepoint Data Loss Prevention and Related Products
CVE-2022-1700
7.5 HIGH
What is CVE-2022-1700?
The Policy Engine in several Forcepoint products improperly restricts XML External Entity (XXE) references. An attacker can exploit this weakness in the XML parser, which may lead to unauthorized access to and extraction of sensitive data. Affected Forcepoint products that have not been updated remain exposed to XXE attacks that compromise the sensitive information these systems manage. Users are advised to update to the latest versions to mitigate this risk.
Affected Version(s)
Cloud Security Gateway prior to June 20, 2022
Data Loss Prevention (DLP) < 8.8.2
Email Security with DLP enabled < 8.5.5
CVSS V3.1
Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Forcepoint would like to thank Kaushik Joshi and Keval Shah from iAppSecure Solutions Pvt Ltd. for discovering and working with us to responsibly disclose this vulnerability.