Описание
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sybase:adaptive_server_enterprise:15.7:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08463
Низкий
4 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
EPSS
Процентиль: 92%
0.08463
Низкий
4 Medium
CVSS2
Дефекты
CWE-94