Описание
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.
Уязвимые конфигурации
Конфигурация 1Версия от 12.50 (включая) до 12.60 (включая)Версия от 15.0.0 (включая) до 15.0.1 (включая)
Одно из
cpe:2.3:a:microfocus:application_lifecycle_management:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:12.60:patch1:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:12.60:patch2:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:12.60:patch3:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:12.60:patch4:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:12.60:patch5:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:15.0.1:patch1:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:15.0.1:patch2:*:*:*:*:*:*
cpe:2.3:a:microfocus:application_lifecycle_management:15.5:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00324
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-611
Связанные уязвимости
github
больше 3 лет назад
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.
EPSS
Процентиль: 55%
0.00324
Низкий
8.1 High
CVSS3
5.5 Medium
CVSS2
Дефекты
CWE-611