{"api_version":"1","generated_at":"2026-04-23T00:37:27+00:00","cve":"CVE-2017-5662","urls":{"html":"https://cve.report/CVE-2017-5662","api":"https://cve.report/api/cve/CVE-2017-5662.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-5662","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-5662"},"summary":{"title":"CVE-2017-5662","description":"In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.","state":"PUBLIC","assigner":"security@apache.org","published_at":"2017-04-18 14:59:00","updated_at":"2020-10-20 22:15:00"},"problem_types":["CWE-611"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2017:2547","name":"RHSA-2017:2547","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1038334","name":"1038334","refsource":"SECTRACK","tags":[],"title":"Apache Batik SVG File XML External Entity Processing Flaw Lets Remote Users Obtain Potentially Sensitive Information - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:2546","name":"RHSA-2017:2546","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","name":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","refsource":"CONFIRM","tags":[],"title":"CPU July 2018","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","name":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","refsource":"CONFIRM","tags":[],"title":"Oracle Critical Patch Update - April 2018","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuoct2020.html","name":"https://www.oracle.com/security-alerts/cpuoct2020.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - October 2020","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://xmlgraphics.apache.org/security.html","name":"https://xmlgraphics.apache.org/security.html","refsource":"CONFIRM","tags":["Patch","Vendor Advisory"],"title":"The Apache(tm) XML Graphics Project - Community","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/97948","name":"97948","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Apache Batik CVE-2017-5662 XML External Entity Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2018:0319","name":"RHSA-2018:0319","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","name":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","refsource":"CONFIRM","tags":[],"title":"Oracle Critical Patch Update - October 2017","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2018/dsa-4215","name":"DSA-4215","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4215-1 batik","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-5662","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5662","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"5662","vulnerable":"1","versionEndIncluding":"1.8","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"apache","cpe5":"batik","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2017-5662","qid":"755916","title":"SUSE Enterprise Linux Security Update for xmlgraphics-batik (SUSE-SU-2024:0777-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security@apache.org","ID":"CVE-2017-5662","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Apache Batik","version":{"version_data":[{"version_value":"before 1.9"}]}}]},"vendor_name":"Apache Software Foundation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"XXE"}]}]},"references":{"reference_data":[{"name":"RHSA-2017:2547","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:2547"},{"name":"RHSA-2018:0319","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2018:0319"},{"name":"1038334","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1038334"},{"name":"DSA-4215","refsource":"DEBIAN","url":"https://www.debian.org/security/2018/dsa-4215"},{"name":"RHSA-2017:2546","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:2546"},{"name":"97948","refsource":"BID","url":"http://www.securityfocus.com/bid/97948"},{"name":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"name":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"},{"name":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"},{"name":"https://xmlgraphics.apache.org/security.html","refsource":"CONFIRM","url":"https://xmlgraphics.apache.org/security.html"},{"url":"https://www.oracle.com/security-alerts/cpuoct2020.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuoct2020.html"}]}},"nvd":{"publishedDate":"2017-04-18 14:59:00","lastModifiedDate":"2020-10-20 22:15:00","problem_types":["CWE-611"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.3,"baseSeverity":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.2},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:N/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":7.9},"severity":"HIGH","exploitabilityScore":6.8,"impactScore":9.2,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:apache:batik:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"5662","Ordinal":"102241","Title":"CVE-2017-5662","CVE":"CVE-2017-5662","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"5662","Ordinal":"1","NoteData":"In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user is root a full compromise of the server - including confidential or sensitive files - would be possible. XXE can also be used to attack the availability of the server via denial of service as the references within a xml document can trivially trigger an amplification attack.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"5662","Ordinal":"2","NoteData":"2017-04-18","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"5662","Ordinal":"3","NoteData":"2020-10-20","Type":"Other","Title":"Modified"}]}}}