PT-2019-10164 · Raritan · Commandcenter Secure Gateway

Faruk Ünal +1 · Published 2019-11-18 · Updated 2019-11-21 · CVE-2018-20687

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Raritan CommandCenter Secure Gateway versions prior to 8.0.0
Description: The issue allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks. This is achieved by sending a crafted DTD in an XML request, exploiting an XML external entity (XXE) vulnerability in the CommandCenterWebServices.
Recommendations: For versions prior to 8.0.0, update to version 8.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the CommandCenterWebServices to minimize the risk of exploitation.
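To show the parser-side control behind the workaround above, here is an added example (not Raritan's code, and not the language the product is written in) of an XML endpoint that refuses DTDs and external entity references before parsing untrusted requests. The request shape is assumed and both sample requests are constructed.

```python
import xml.parsers.expat as expat


class XxeBlocked(ValueError):
    """Raised when untrusted XML carries a DTD or an external entity reference."""


def make_hardened_parser():
    """Build an expat parser that refuses DTDs and external entities.

    Refusing the DOCTYPE outright is the usual XXE mitigation: without a DTD
    there is nowhere to declare the SYSTEM entity an XXE payload relies on.
    """
    parser = expat.ParserCreate()

    def reject_doctype(name, sysid, pubid, has_internal_subset):
        raise XxeBlocked(f"DOCTYPE '{name}' is not accepted in requests")

    def reject_external_entity(context, base, sysid, pubid):
        # Defence in depth: even if a DTD got through, never fetch file:// or
        # http:// targets on the caller's behalf (the file-read / SSRF path).
        raise XxeBlocked(f"external entity reference to {sysid!r} refused")

    parser.StartDoctypeDeclHandler = reject_doctype
    parser.ExternalEntityRefHandler = reject_external_entity
    parser.SetParamEntityParsing(expat.XML_PARAM_ENTITY_PARSING_NEVER)
    return parser


def classify_request(payload: bytes) -> str:
    """Return 'accepted' for plain XML, or 'rejected: <reason>' otherwise."""
    parser = make_hardened_parser()
    try:
        parser.Parse(payload, True)
    except XxeBlocked as exc:
        return f"rejected: {exc}"
    except expat.ExpatError as exc:
        return f"rejected: malformed XML ({exc})"
    return "accepted"


# Constructed sample requests (not real CommandCenterWebServices traffic).
BENIGN_REQUEST = b"""<?xml version="1.0"?>
<Envelope><Body><getVersion/></Body></Envelope>"""

# The shape of an XXE probe: a DTD declaring a SYSTEM entity. The URI is a
# placeholder, not a real target.
DTD_REQUEST = b"""<?xml version="1.0"?>
<!DOCTYPE Envelope [<!ENTITY ext SYSTEM "file:///PLACEHOLDER">]>
<Envelope><Body>&ext;</Body></Envelope>"""

if __name__ == "__main__":
    print(classify_request(BENIGN_REQUEST))  # accepted
    print(classify_request(DTD_REQUEST))     # rejected: DOCTYPE 'Envelope' ...
```

A rejection logged with the DOCTYPE name and the refused entity URI is also a useful detection signal for requests probing the web services endpoint.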

Tags: Fix, XXE

Related Identifiers: CVE-2018-20687

Affected Products: Commandcenter Secure Gateway