← back
CVE-2017-7503

CVE-2017-7503

EPSS 2.0%
It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
Affected products
Red Hat, Inc. · JBoss Enterprise Application Platform

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1451960http://www.securityfocus.com/bid/98546