Описание
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.
A flaw was found in broker. An XEE attack can used in Broker's configuration files, leading to DoS and information disclosure. The highest threat from the vulnerability is to system availability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat AMQ Broker 7 | broker | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-611
https://bugzilla.redhat.com/show_bug.cgi?id=1840862broker: XXE injection in configuration files
5.6 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.6
nvd
больше 3 лет назад
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.
CVSS3: 5.6
github
больше 3 лет назад
A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configuration files, leading to denial of service and information disclosure.
5.6 Medium
CVSS3