7.5
CVE-2018-20733
- EPSS 0.28%
- Veröffentlicht 17.01.2019 01:29:00
- Zuletzt bearbeitet 21.11.2024 04:02:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginBI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sas ≫ Web Infrastructure Platform Version < 9.4
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Update-
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Updatemaintenance_release_1
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Updatemaintenance_release_2
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Updatemaintenance_release_3
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Updatemaintenance_release_4
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Sas ≫ Web Infrastructure Platform Version9.4 Updatemaintenance_release_5
Hpe ≫ Hp-ux Ipfilter Version-
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
Ibm ≫ Aix Version- HwPlatformx64
Linux ≫ Linux Kernel Version- HwPlatformx64
Microsoft ≫ Windows Version- HwPlatformx64
Oracle ≫ Solaris Version- HwPlatformx64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.481 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-611 Improper Restriction of XML External Entity Reference
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.