Описание
XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до v100r001c00 (включая)
cpe:2.3:a:huawei:e9000_chassis:*:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00083
Низкий
6.6 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 6.6
github
больше 3 лет назад
XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.
EPSS
Процентиль: 25%
0.00083
Низкий
6.6 Medium
CVSS3
4.9 Medium
CVSS2
Дефекты
CWE-284