exploitDog

CVE-2021-31339

Опубликовано: 12 мая 2021

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-854248.pdf
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-09
Third Party Advisory
US Government Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-854248.pdf
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-131-09
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mendix:excel_importer:*:*:*:*:*:*:*:*

Версия до 9.0.3 (исключая)

EPSS

Процентиль: 39%

0.00178

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-209

Связанные уязвимости

GHSA-742c-94r3-qw76

github

больше 3 лет назад

A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). Uploading a manipulated XML File results in an exception that could expose information about the Application-Server and the used XML-Framework.

EPSS

Процентиль: 39%

0.00178

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-209