CVE-2018-6486

MFSBGN03797 rev.1 - Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), XML External Entity Injection

CVSS 7.3 HIGHEPSS 1.2%

XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. This vulnerability could be exploited to allow a XML External Entity (XXE) injection.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

Micro Focus · Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03083653 http://www.securityfocus.com/bid/102902