Описание
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service (DoS) condition may occur.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.4 (включая)
cpe:2.3:a:saison:dataspider_servista:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.0007
Низкий
8.2 High
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-611
Связанные уязвимости
CVSS3: 8.2
github
4 месяца назад
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service (DoS) condition may occur.
EPSS
Процентиль: 21%
0.0007
Низкий
8.2 High
CVSS3
9.1 Critical
CVSS3
Дефекты
CWE-611