ID CVE-2018-16792
Summary SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.
References
Vulnerable Configurations
  • cpe:2.3:a:solarwinds:sftp%2fscp_server:20180910
    cpe:2.3:a:solarwinds:sftp%2fscp_server:20180910
CVSS
Base: 6.4
Impact:
Exploitability:
CWE CWE-611
CAPEC
refmap via4
fulldisc 20181201 SolarWinds SFTP Vulnerabilities
Last major update 05-12-2018 - 17:29
Published 05-12-2018 - 17:29
Last modified 31-12-2018 - 12:53
Back to Top