← back
CVE-2021-45096

CVE-2021-45096

CVSS 4.7 MEDIUMEPSS 1.1%
KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka AP-17730.
CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:C/UI:R
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/dawid-czarnecki/public-vulnerabilitieshttps://www.knime.com/changelog-v45https://www.knime.com/whats-new-in-knime-45https://zigrin.com/advisories/knime-analytics-platform-external-xml-entity-injection/