← back
CVE-2018-12471

External Entity processing in the RegistrationSharing module

CVSS 6.5 MEDIUMEPSS 1.5%CWE-611
A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Affected products
SUSE Linux · SMT

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.suse.com/show_bug.cgi?id=1103809