Описание
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.0 (включая) до 5.8.6.9 (исключая)Версия от 5.9.0 (включая) до 5.9.1.3 (исключая)
Одно из
cpe:2.3:o:extremewireless:wing:*:*:*:*:*:*:*:*
cpe:2.3:o:extremewireless:wing:*:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00403
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.
EPSS
Процентиль: 60%
0.00403
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-611