ID CVE-2018-10077
Summary XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.
References
Vulnerable Configurations
  • cpe:2.3:a:geistglobal:watchdog_console:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:geistglobal:watchdog_console:3.2.2:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 17-05-2018 - 17:16)
Impact:
Exploitability:
CWE CWE-611
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
exploit-db 44493
misc http://packetstormsecurity.com/files/147253/Geist-WatchDog-Console-3.2.2-XSS-XML-Injection-Insecure-Permissions.html
vulnerable_product via4 cpe:2.3:a:geistglobal:watchdog_console:3.2.2:*:*:*:*:*:*:*
Last major update 17-05-2018 - 17:16
Published 20-04-2018 - 21:29
Back to Top