Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-20838

Опубликовано: 01 нояб. 2021
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition by processing a specially crafted XML document.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:antennahouse:office_server_document_converter:*:*:*:*:*:*:*:*
Версия до 5.2 (исключая)
cpe:2.3:a:antennahouse:office_server_document_converter:5.2:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.0:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr2:*:*:pro:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:6.1:mr4:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:*:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.0:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:-:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.1:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:*:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr1:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr2:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr3:*:*:*:*:*:*
cpe:2.3:a:antennahouse:office_server_document_converter:7.2:mr4:*:*:*:*:*:*

EPSS

Процентиль: 72%
0.00719
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-611

Связанные уязвимости

github логотип

GHSA-q423-xqrx-xqpf

github
больше 3 лет назад

Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition by processing a specially crafted XML document.

EPSS

Процентиль: 72%
0.00719
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-611