Cyber Resilience

CVE-2023-45727

High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 18 October 2023
Modified: 24 October 2025
KEV Added: 03 December 2024
Patch: available (see vendor advisory)
CVSS v3.1 Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.2105 (95.8th percentile)
Risk Priority: 48 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-45727 is a high-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in Northgrid Proself. Its CVSS base score is 7.5 (High).

Operationally, it ranks in the top 4.2% of CVEs by EPSS exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2023-45727 is an XML External Entity (XXE) vulnerability, tracked under CWE-611, that affects Proself Enterprise/Standard Edition versions 5.62 and earlier, Proself Gateway Edition versions 1.65 and earlier, and Proself Mail Sanitize Edition versions 1.08 and earlier. The flaw lies in the products' handling of XML input: a remote attacker can submit a document whose DTD declares an external entity (a SYSTEM identifier pointing at a file on the server), and the parser resolves that entity instead of rejecting the declaration.

An unauthenticated attacker can send a specially crafted request over the network to read arbitrary files on the server, including those that contain account information. The attack requires no user interaction or credentials and carries a CVSS 3.1 score of 7.5, reflecting high confidentiality impact with no integrity or availability effects.
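The mechanism described above, as an added example that is not part of this page or of Proself's code: a local reproduction of the XXE pattern (an expat parser that honours SYSTEM entities and so splices a server-side file into the parsed content) beside the input-validation gate, in the spirit of NIST SI-10, that refuses any document carrying a DOCTYPE or entity declaration before a parser can resolve anything. The account file, the element names and both request bodies are constructed for the demo; the page does not say which XML parser Proself uses, so expat stands in for it.

```python
"""Added example (not Proself's code): an XXE reproduction beside the
input-validation gate that stops it. Everything here is constructed."""
import os
import tempfile
import xml.parsers.expat
from urllib.parse import urlparse

# Constructed stand-in for a server-side file holding account records.
ACCOUNT_FILE = os.path.join(tempfile.gettempdir(), "xxe_demo_accounts.txt")
with open(ACCOUNT_FILE, "w", encoding="utf-8") as fh:
    fh.write("admin:$2b$12$constructed-hash\nalice:$2b$12$another-hash\n")

# Constructed request bodies: one benign, one whose DTD declares an external
# entity with a SYSTEM identifier pointing at the account file.
BENIGN_XML = '<?xml version="1.0"?><upload><name>report.pdf</name></upload>'
XXE_XML = (
    '<?xml version="1.0"?>\n'
    '<!DOCTYPE upload [<!ENTITY xxe SYSTEM "file://%s">]>\n'
    '<upload><name>&xxe;</name></upload>' % ACCOUNT_FILE
)


def parse_resolving_entities(xml_text):
    """The flawed behaviour: resolve SYSTEM entities and splice their content
    into the document's character data. Only file:// is honoured here so the
    demo stays offline; the disclosed content is whatever the process can read."""
    parser = xml.parsers.expat.ParserCreate()
    chunks = []
    parser.CharacterDataHandler = chunks.append

    def resolve(context, base, system_id, public_id):
        url = urlparse(system_id)
        if url.scheme != "file":
            return 0  # expat then aborts with an external-entity error
        with open(url.path, "rb") as src:
            body = src.read()
        child = parser.ExternalEntityParserCreate(context)
        child.CharacterDataHandler = chunks.append
        child.Parse(body, True)  # the file's text arrives as character data
        return 1

    parser.ExternalEntityRefHandler = resolve
    parser.Parse(xml_text.encode("utf-8"), True)
    return "".join(chunks)


class XmlRejected(ValueError):
    """Raised by the gate for any document that declares a DTD or an entity."""


def screen_xml(xml_text):
    """Input-validation gate: a first pass that stops at the first DOCTYPE or
    entity declaration without resolving anything. Returns (allowed, reason);
    the reason is what an operator would log or alert on."""
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        raise XmlRejected("DOCTYPE %s, external DTD %r" % (name, system_id))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        raise XmlRejected("entity %s -> %r" % (name, system_id))

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    try:
        parser.Parse(xml_text.encode("utf-8"), True)
    except XmlRejected as exc:
        return False, str(exc)
    except xml.parsers.expat.ExpatError as exc:
        return False, "malformed XML: %s" % exc
    return True, "no DTD or entity declarations"


def handle_request(xml_text):
    """Hardened path: the gate runs first, so the resolving parser never sees
    a document that could make it read a file."""
    allowed, reason = screen_xml(xml_text)
    if not allowed:
        return "rejected: " + reason
    return "accepted: " + parse_resolving_entities(xml_text)


if __name__ == "__main__":
    print(parse_resolving_entities(XXE_XML))  # flawed path: account data leaks
    print(handle_request(XXE_XML))            # hardened path: rejected
    print(handle_request(BENIGN_XML))         # hardened path: accepted
```

The gate deliberately rejects every DOCTYPE, including external DTD references and parameter entities, rather than trying to whitelist "safe" ones; for an application that never needs a DTD that is the simplest rule to reason about, and the rejection reason doubles as the signal the detect control below needs.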

Vendor advisories from North Grid (Proself) and JVN recommend upgrading to the fixed releases: Enterprise/Standard Edition 5.63, Gateway Edition 1.66 and Mail Sanitize Edition 1.09. The vulnerability also appears in the CISA Known Exploited Vulnerabilities catalog, which records observed in-the-wild exploitation.

EPSS scores for the CVE rose from a low baseline to a peak of 0.4148 on 2024-12-12, nine days after the KEV listing, before receding to the current value of 0.2105; exploitation interest climbed well after the original disclosure rather than immediately on publication.


Vulnerability details

Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity (XXE) attacks. By processing a specially crafted request containing malformed XML data, arbitrary files on the server containing account information may be read by the attacker.

CWE(s): CWE-611 (Improper Restriction of XML External Entity Reference)
KEV Date Added: 03 December 2024

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

northgrid / proself
Enterprise/Standard Edition < 5.63 · Gateway Edition < 1.66 · Mail Sanitize Edition < 1.09 (i.e. 5.62, 1.65 and 1.08 and earlier)

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent): Directly requires validation of XML input so that documents carrying DOCTYPE or external entity declarations are rejected before the parser can resolve them and disclose files.

AC-3 Access Enforcement (prevent): Enforces access-control decisions so that unauthenticated requests cannot reach file-system resources containing account data. Because the XML parser reads files with the application's own privileges, the enforcement point that matters for XXE is the service account's file-system permissions, not the request path.

Detect: Monitors inbound XML traffic (DOCTYPE and SYSTEM/ENTITY declarations in request bodies) and anomalous file-access patterns by the application process that would indicate successful XXE exploitation.
