PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-6344 Grails CVE debrief

CVE-2017-6344 is an XML External Entity (XXE) issue in Grails PDF Plugin 0.6. According to the CVE description, a crafted XML document can be used to read arbitrary files. NVD lists the issue as CVE-2017-6344 with CWE-611 and a CVSS 3.0 score of 5.9 (MEDIUM).

Vendor: Grails
Product: CVE-2017-6344
CVSS: MEDIUM 5.9
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-27
Original CVE updated: 2026-05-13
Advisory published: 2017-02-27
Advisory updated: 2026-05-13

Who should care

Security and application teams running Grails applications that include PDF Plugin 0.6, especially where user-controlled XML is processed as part of PDF generation or related workflows.

Technical summary

The official records identify Grails PDF Plugin 0.6 as vulnerable to XXE (CWE-611). NVD’s affected CPE is cpe:2.3:a:grails:pdf_plugin:0.6:*:*:*:*:*:*:*. The published description states that a crafted XML document can be used to read arbitrary files. NVD rates the issue CVSS 3.0 5.9 MEDIUM with vector AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N.

Defensive priority

Medium. Prioritize remediation if Grails PDF Plugin 0.6 is present in production or processes untrusted XML, because the issue can expose file contents and the affected component is explicitly identified by NVD.

Recommended defensive actions

  • Inventory Grails applications to confirm whether PDF Plugin 0.6 is installed or bundled.
  • Remove or upgrade the vulnerable plugin version if it is still in use.
  • Review any XML parsing paths associated with PDF generation and ensure external entity resolution is disabled.
  • Limit the application’s file-system access so unintended file reads have less impact.
  • Treat untrusted XML inputs as sensitive and add validation or safer parsing controls where possible.
  • Check exposed endpoints and logs for XML-processing errors or unexpected file access patterns.
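The two parser-side actions above (disable external entity resolution; make XML-processing errors visible in logs) can be shown concretely on the JVM, which is where a Grails application and its PDF plugin run. The following is an added example written for this debrief; it is not code from the Grails PDF Plugin or from the advisory. It puts the JAXP default factory, which resolves external entities (the CWE-611 weak setting), beside a hardened factory that refuses any DOCTYPE and turns off external DTD, schema and XInclude loading. The feature URIs are the standard ones understood by the JDK's bundled Xerces parser; the sample documents, the class name and the `xml-rejected:` log prefix are constructed for the example.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

/** Added example (not project code): permissive vs. hardened JAXP parsing of untrusted XML. */
public final class XxeHardening {

    // Constructed sample: a DOCTYPE that declares only an internal entity. It is harmless on
    // its own, but a DOCTYPE is the foothold any entity declaration needs, so the hardened
    // parser refuses all DOCTYPEs instead of trying to tell safe declarations from unsafe ones.
    static final String SAMPLE_WITH_DOCTYPE =
        "<?xml version=\"1.0\"?>"
      + "<!DOCTYPE report [ <!ENTITY title \"Quarterly summary\"> ]>"
      + "<report><title>&title;</title></report>";

    // Constructed sample: the same document without a DOCTYPE; both parsers accept it.
    static final String SAMPLE_PLAIN =
        "<?xml version=\"1.0\"?><report><title>Quarterly summary</title></report>";

    // Feature URIs understood by the JDK's bundled Xerces parser.
    static final String DISALLOW_DOCTYPE  = "http://apache.org/xml/features/disallow-doctype-decl";
    static final String EXT_GENERAL_ENT   = "http://xml.org/sax/features/external-general-entities";
    static final String EXT_PARAMETER_ENT = "http://xml.org/sax/features/external-parameter-entities";
    static final String LOAD_EXTERNAL_DTD = "http://apache.org/xml/features/nonvalidating/load-external-dtd";

    /** The weak setting: JAXP defaults resolve external entities (CWE-611). */
    static DocumentBuilderFactory permissiveFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    /** The corrected setting: no DOCTYPE, no external entities, no external DTD/schema/XInclude. */
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature(DISALLOW_DOCTYPE, true);      // primary control: no DOCTYPE, no entities
        f.setFeature(EXT_GENERAL_ENT, false);      // defence in depth if DOCTYPE is ever re-enabled
        f.setFeature(EXT_PARAMETER_ENT, false);
        f.setFeature(LOAD_EXTERNAL_DTD, false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");     // no external DTD protocols
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");  // no external schema protocols
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    /**
     * Parses xml with the given factory. Returns the Document on success, or null when the
     * parser rejects it; the rejection is logged with a fixed "xml-rejected:" prefix so that
     * parse failures on an endpoint can be pulled out of application logs and reviewed.
     */
    static Document parseOrNull(DocumentBuilderFactory f, String xml) throws Exception {
        DocumentBuilder b = f.newDocumentBuilder();
        try {
            return b.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        } catch (SAXParseException e) {
            System.err.println("xml-rejected: line " + e.getLineNumber() + ": " + e.getMessage());
            return null;
        }
    }

    /** Deployment self-check: true only if the factory refuses a DOCTYPE yet still parses plain XML. */
    static boolean refusesDoctype(DocumentBuilderFactory f) throws Exception {
        return parseOrNull(f, SAMPLE_WITH_DOCTYPE) == null
            && parseOrNull(f, SAMPLE_PLAIN) != null;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("permissive factory refuses DOCTYPE: " + refusesDoctype(permissiveFactory()));
        System.out.println("hardened factory refuses DOCTYPE:   " + refusesDoctype(hardenedFactory()));
    }
}
```

Run as-is, the permissive factory reports `false` (the DOCTYPE is accepted and the entity expanded) and the hardened factory reports `true`. The `refusesDoctype` check is the kind of assertion worth keeping in an application's test suite, since a parser configuration regression is silent otherwise. Groovy's `XmlSlurper` and `XmlParser`, which Grails code often uses instead of JAXP directly, wrap the same SAX parser and accept the same feature URIs through their `setFeature(String, boolean)` method, so the same four feature settings apply there.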

Evidence notes

The debrief is based on the CVE record and NVD entry for CVE-2017-6344. NVD identifies the affected product as Grails PDF Plugin 0.6, assigns CWE-611, and publishes CVSS 3.0 5.9 MEDIUM (AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N). Both the CVE and NVD records reference a SecurityFocus advisory and an Ambionics blog post. No CISA KEV entry is provided in the supplied corpus.

Official resources

CVE published on 2017-02-27 and last modified in the supplied record on 2026-05-13. The supplied corpus does not include a KEV listing or due date.