CVE-2021-42537

Sažetak

VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01
https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01

CVSS

Base:	5.9
Impact:	4.2
Exploitability:	1.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

Zadnje važnije ažuriranje

17-04-2025 - 16:15

Objavljeno

27-07-2022 - 21:15