CVE-2018-10077

Name of the Vulnerable Software and Affected Versions: Geist WatchDog Console version 3.2.2

Description: The issue allows remote authenticated administrators to read arbitrary files by providing crafted XML data, exploiting an XML external entity (XXE) vulnerability.

Recommendations: For Geist WatchDog Console version 3.2.2, consider restricting access to XML data processing until a patch is available. As a temporary workaround, limit the privileges of administrators to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.