VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01 | Mitigation Third Party Advisory US Government Resource |
Configurations
History
05 Aug 2022, 14:47
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01 - Mitigation, Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Visam
Visam vbase Web-remote |
|
CPE | cpe:2.3:a:visam:vbase_web-remote:11.6.0.6:*:*:*:*:*:*:* | |
CWE | CWE-611 |
27 Jul 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-27 21:15
Updated : 2023-12-10 14:35
NVD link : CVE-2021-42537
Mitre link : CVE-2021-42537
CVE.ORG link : CVE-2021-42537
JSON object : View
Products Affected
visam
- vbase_web-remote
CWE
CWE-611
Improper Restriction of XML External Entity Reference