Описание
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
Ссылки
- Permissions Required
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Permissions Required
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.1 (включая)
cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:*:*:*:*
Конфигурация 2Версия до 3.2.1 (включая)
cpe:2.3:a:ge:mds_pulsenet:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 76%
0.00961
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611
CWE-611
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
EPSS
Процентиль: 76%
0.00961
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611
CWE-611