7.5
CVE-2015-1818
- EPSS 0.54%
- Veröffentlicht 11.08.2015 14:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginXML external entity (XXE) vulnerability in the dashbuilder import facility (DocumentBuilders in org.jboss.dashboard.export.ImportManagerImpl) in Red Hat JBoss BPM Suite before 6.1.2 allows remote attackers to read arbitrary files, conduct server-side request forgery (SSRF) attacks, and have other unspecified impact via a crafted XML document.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Jboss Bpm Suite Version <= 6.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.54% | 0.664 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|