ByteOS Network

CWE-611:Improper Restriction of XML External Entity Reference

Weakness ID:611

Version:v4.17

Weakness Name:Improper Restriction of XML External Entity Reference

Vulnerability Mapping:Allowed

Abstraction:Base

Structure:Simple

Status:Draft

Details Content History Observed CVE Examples Reports

▼Submissions

Submission Date	Release Date	Submitter	Organization	Version	Comment
2007-05-07	2007-05-07	Anonymous Tool Vendor (under NDA)	N/A	Draft 6	N/A

Submission Date: 2007-05-07

Release Date: 2007-05-07

Submitter: Anonymous Tool Vendor (under NDA)

Organization: N/A

Version: Draft 6

Comment:

N/A

▼Modifications

Modification Date	Release Date	Modifier	Organization	Version	Importance	Comment
2008-07-01	N/A	Eric Dalci	Cigital	N/A	N/A	updated Time_of_Introduction
2008-09-08	N/A	CWE Content Team	MITRE	N/A	N/A	updated Description, Relationships, Observed_Example, Other_Notes, Taxonomy_Mappings
2010-02-16	N/A	CWE Content Team	MITRE	N/A	N/A	updated Taxonomy_Mappings
2010-09-27	N/A	CWE Content Team	MITRE	N/A	N/A	updated Background_Details, Other_Notes
2011-03-29	N/A	CWE Content Team	MITRE	N/A	N/A	updated Name
2011-06-01	N/A	CWE Content Team	MITRE	N/A	N/A	updated Common_Consequences
2012-05-11	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2013-02-21	N/A	CWE Content Team	MITRE	N/A	N/A	updated Alternate_Terms, Applicable_Platforms, Background_Details, Common_Consequences, Description, Name, Observed_Examples, Potential_Mitigations, References, Relationship_Notes, Relationships, Taxonomy_Mappings
2014-07-30	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships, Taxonomy_Mappings
2015-12-07	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2017-11-08	N/A	CWE Content Team	MITRE	N/A	N/A	updated Modes_of_Introduction, References, Relationships, Relevant_Properties
2018-03-27	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2019-01-03	N/A	CWE Content Team	MITRE	N/A	N/A	updated Related_Attack_Patterns
2019-06-20	N/A	CWE Content Team	MITRE	N/A	N/A	updated Name, Type
2019-09-19	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2020-02-24	N/A	CWE Content Team	MITRE	N/A	N/A	updated Applicable_Platforms, Relationships
2020-08-20	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2020-12-10	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2021-07-20	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2021-10-28	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2022-06-28	N/A	CWE Content Team	MITRE	N/A	N/A	updated Relationships
2023-01-31	N/A	CWE Content Team	MITRE	N/A	N/A	updated Alternate_Terms, Common_Consequences, Description
2023-04-27	N/A	CWE Content Team	MITRE	N/A	N/A	updated Detection_Factors, References, Relationships
2023-06-29	N/A	CWE Content Team	MITRE	N/A	N/A	updated Mapping_Notes
2023-10-26	N/A	CWE Content Team	MITRE	N/A	N/A	updated Observed_Examples

Modification Date: 2008-07-01

Release Date: N/A

Modifier: Eric Dalci

Organization: Cigital

Version: N/A

Importance: N/A

Comment:

updated Time_of_Introduction

Modification Date: 2008-09-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Description, Relationships, Observed_Example, Other_Notes, Taxonomy_Mappings

Modification Date: 2010-02-16

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Taxonomy_Mappings

Modification Date: 2010-09-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Background_Details, Other_Notes

Modification Date: 2011-03-29

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Name

Modification Date: 2011-06-01

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Common_Consequences

Modification Date: 2012-05-11

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2013-02-21

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Alternate_Terms, Applicable_Platforms, Background_Details, Common_Consequences, Description, Name, Observed_Examples, Potential_Mitigations, References, Relationship_Notes, Relationships, Taxonomy_Mappings

Modification Date: 2014-07-30

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships, Taxonomy_Mappings

Modification Date: 2015-12-07

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2017-11-08

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Modes_of_Introduction, References, Relationships, Relevant_Properties

Modification Date: 2018-03-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2019-01-03

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Related_Attack_Patterns

Modification Date: 2019-06-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Name, Type

Modification Date: 2019-09-19

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-02-24

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Applicable_Platforms, Relationships

Modification Date: 2020-08-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2020-12-10

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2021-07-20

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2021-10-28

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2022-06-28

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Relationships

Modification Date: 2023-01-31

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Alternate_Terms, Common_Consequences, Description

Modification Date: 2023-04-27

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Detection_Factors, References, Relationships

Modification Date: 2023-06-29

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Mapping_Notes

Modification Date: 2023-10-26

Release Date: N/A

Modifier: CWE Content Team

Organization: MITRE

Version: N/A

Importance: N/A

Comment:

updated Observed_Examples

▼Previous Name Entries

Change Date	Previous Entry Name	Version
2011-03-29	Information Leak Through XML External Entity File Disclosure	N/A
2013-02-21	Information Exposure Through XML External Entity Reference	N/A
2019-06-20	Improper Restriction of XML External Entity Reference ('XXE')	N/A

Change Date: 2011-03-29

Version: N/A

Previous Entry Name: Information Leak Through XML External Entity File Disclosure

Change Date: 2013-02-21

Version: N/A

Previous Entry Name: Information Exposure Through XML External Entity Reference

Change Date: 2019-06-20

Version: N/A

Previous Entry Name: Improper Restriction of XML External Entity Reference ('XXE')