exploitDog

GHSA-2p7x-c866-r9jv

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.

Ссылки

EPSS

Процентиль: 68%

0.00568

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-611

Связанные уязвимости

CVE-2010-3322

CVSS3: 8.8

nvd

больше 15 лет назад

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.

EPSS

Процентиль: 68%

0.00568

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-611