CVE-2024-39847: CWE-611 Improper Restriction of XML External Entity Reference in 4D 4D Server
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
AI Analysis
Technical Summary
This vulnerability (CWE-611) in 4D Server's SOAP endpoint XML parser allows unauthenticated remote attackers to leverage XML External Entity injection to access sensitive files on the server and adjacent network shares. Additionally, attackers can use the vulnerability to make HTTP GET requests to arbitrary network services, potentially enabling information disclosure or further network reconnaissance. The CVSS 4.0 base score is 8.7, reflecting high severity with network attack vector, no required privileges or user interaction, and high impact on confidentiality. The vulnerability affects all versions of 4D Server. No vendor-provided patch or official remediation level is currently documented.
Potential Impact
Successful exploitation allows unauthenticated attackers to read arbitrary files on the affected 4D Server and connected network shares, leading to potential disclosure of sensitive information. Attackers can also perform HTTP GET requests to arbitrary services, which may facilitate further attacks or information gathering. The vulnerability does not require authentication or user interaction, increasing its risk. There are no known active exploits reported at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, consider restricting access to SOAP endpoints and limiting network exposure of the 4D Server. Monitor for updates from 4D regarding patches or mitigations. Avoid exposing the affected service to untrusted networks where possible.
CVE-2024-39847: CWE-611 Improper Restriction of XML External Entity Reference in 4D 4D Server
Description
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
CVSS v4.0
Score 8.7high
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CWE-611) in 4D Server's SOAP endpoint XML parser allows unauthenticated remote attackers to leverage XML External Entity injection to access sensitive files on the server and adjacent network shares. Additionally, attackers can use the vulnerability to make HTTP GET requests to arbitrary network services, potentially enabling information disclosure or further network reconnaissance. The CVSS 4.0 base score is 8.7, reflecting high severity with network attack vector, no required privileges or user interaction, and high impact on confidentiality. The vulnerability affects all versions of 4D Server. No vendor-provided patch or official remediation level is currently documented.
Potential Impact
Successful exploitation allows unauthenticated attackers to read arbitrary files on the affected 4D Server and connected network shares, leading to potential disclosure of sensitive information. Attackers can also perform HTTP GET requests to arbitrary services, which may facilitate further attacks or information gathering. The vulnerability does not require authentication or user interaction, increasing its risk. There are no known active exploits reported at this time.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, consider restricting access to SOAP endpoints and limiting network exposure of the 4D Server. Monitor for updates from 4D regarding patches or mitigations. Avoid exposing the affected service to untrusted networks where possible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- SCHUTZWERK
- Date Reserved
- 2024-06-29T20:55:54.740Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f30313cbff5d86109ddf12
Added to database: 4/30/2026, 7:21:55 AM
Last enriched: 5/18/2026, 9:08:34 AM
Last updated: 6/14/2026, 1:16:28 PM
Views: 102
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.