CVE-2018-12471

External Entity processing in the RegistrationSharing module

CVSS 6.5 MEDIUMEPSS 1.5%CWE-611

A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Productos afectados

SUSE Linux · SMT

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.suse.com/show_bug.cgi?id=1103809