exploitDog

GHSA-gjp7-4gf3-7mvq

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Ссылки

EPSS

Процентиль: 76%

0.00917

Низкий

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2014-3066

nvd

больше 11 лет назад

IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

EPSS

Процентиль: 76%

0.00917

Низкий

CVE ID

Дефекты

CWE-200