PT-2022-28117 · Talend · Talend Open Studio For Mdm
Published
2022-12-28
·
Updated
2024-05-17
·
CVE-2022-4818
CVSS v3.1
5.5
Medium
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Talend Open Studio for MDM versions prior to 20221220 1938
Description
A vulnerability was found in Talend Open Studio for MDM, affecting an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference.
Recommendations
For versions prior to 20221220 1938, upgrade to version 20221220 1938 to address this issue. As a temporary workaround, consider restricting access to the affected functionality until the upgrade is applied.
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Talend Open Studio For Mdm