What is XXE Attack?

The XXE Attack(XML External Entity) is an attack where it against an application that will parses XML input. Like other attack, this attack can lead to any expose any of confidential data, Denial of Service, Service Side Request Forgery.

Attack Factors

Exploitable

An attacker can use this vulnerability to exploit any vulnerable XML processors by uploading XML Document or some malicious code.

Impact

This vulnerable XML can be impact by extract the data and execute a remote request from the server. As a result, it normally depends on the protection needs on all the affected application and data available for business point of view.

Remediation

As you read above, the developer need to identify and fix the vulnerabilities before it became too late. Therefore, the following are the remediation that the developer can made as guideline.

  1. If possible, the developer need to use less complex data formats such as JSON.
  2. The developer need to patch all XML processors and upgrade to the latest XML processors
  3. Update to the latest version of SOAP 1.2 or higher.
  4. Lastly, the developer need to whitelisting all server-side input validation, filtering to prevent the hostile data within XML documents

Source: OWASP: XML External Entity (XXE) Processing

Categories:

Tags:

No responses yet

Leave a Reply

Your email address will not be published. Required fields are marked *