Home
Mapping Frameworks
Known Exploited Vulnerabilities Home
XML External Entity (XXE) Capability Group

Known Exploited Vulnerabilities XML External Entity (XXE) Capability Group

All Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	secondary_impact	T1003	OS Credential Dumping	Comments CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. References https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ https://threatpost.com/nefilim-ransomware-ghost-account/163341/
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	secondary_impact	T1078	Valid Accounts	Comments CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. References https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ https://threatpost.com/nefilim-ransomware-ghost-account/163341/
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	secondary_impact	T1046	Network Service Discovery	Comments CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. References https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ https://threatpost.com/nefilim-ransomware-ghost-account/163341/
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	secondary_impact	T1005	Data from Local System	Comments CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. References https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ https://threatpost.com/nefilim-ransomware-ghost-account/163341/
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments CVE-2019-13608 is a an XML External Entity (XXE) processing vulnerability that may allow an unauthenticated attacker to retrieve potentially sensitive information. References https://news.sophos.com/en-us/2021/01/26/nefilim-ransomware-attack-uses-ghost-credentials/ https://threatpost.com/nefilim-ransomware-ghost-account/163341/
CVE-2024-34102	Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability	secondary_impact	T1005	Data from Local System	Comments This vulnerability is exploited by sending a crafted XML document that references external entities with the likely goal of accessing local data. References https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102 https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102
CVE-2024-34102	Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability	primary_impact	T1059	Command and Scripting Interpreter	Comments This vulnerability is exploited by sending a crafted XML document that references external entities with the likely goal of accessing local data. References https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102 https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102
CVE-2024-34102	Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability	exploitation_technique	T1190	Exploit Public-Facing Application	Comments This vulnerability is exploited by sending a crafted XML document that references external entities with the likely goal of accessing local data. References https://www.assetnote.io/resources/research/why-nested-deserialization-is-harmful-magento-xxe-cve-2024-34102 https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102

Capabilities

Capability ID	Capability Name	Number of Mappings
CVE-2024-34102	Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability	3
CVE-2019-13608	Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability	5