CVE-2016-6898

Sažetak

XML external entity (XXE) vulnerability in the Hyper Management Module (HMM) in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service (web service outage) via a crafted XML document.

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-e9000-en
http://www.securityfocus.com/bid/92620

CVSS

Base:	4.9
Impact:	4.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:P/I:N/A:P

Zadnje važnije ažuriranje

08-09-2016 - 15:42

Objavljeno

07-09-2016 - 19:28