PT-2019-9397 · Intersystems · Intersystems Cache
Chris Davis
·
Publicado
2019-07-11
·
Atualizado
2019-07-12
·
CVE-2018-17152
CVSS v3.1
6.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Intersystems Cache version 2017.2.2.865.0
Description
The issue allows XXE (XML External Entity) attacks.
Recommendations
For Intersystems Cache version 2017.2.2.865.0, consider disabling XML parsing or restricting the use of external entities to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Intersystems Cache