CVE-2021-28684 - CERT CVE
ID CVE-2021-28684
Sažetak The XML parser used in ConeXware PowerArchiver before 20.10.02 allows processing of external entities, which might lead to exfiltration of local files over the network (via an XXE attack).
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL NONE NONE
CVSS vektor AV:N/AC:M/Au:N/C:P/I:N/A:N
Zadnje važnije ažuriranje 23-06-2021 - 18:56
Objavljeno 21-06-2021 - 13:15