Описание
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cybozu:remote_service_manager:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:cybozu:remote_service_manager:3.1.9:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00488
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
github
больше 3 лет назад
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This issue occurs only when using Mozilla Firefox.
EPSS
Процентиль: 65%
0.00488
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-611