CVE-2023-23595

Name of the Vulnerable Software and Affected Versions BlueCat Device Registration Portal version 2.2

Description The issue allows XXE attacks that can exfiltrate single-line files, potentially containing credentials, such as those found in .netrc files. For example, a single-line file might contain information like machine example.com login daniel password qwerty. There is no available information about whether any later version is affected.

Recommendations For BlueCat Device Registration Portal version 2.2, since 2.x versions are no longer supported and there is no information about a fix in later versions, at the moment, there is no information about a newer version that contains a fix for this vulnerability.