CVE-2021-42537

Description

VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Related CPE's

avisamvbase_web-remote11.6.0.6*******

References

https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01

MitigationThird Party AdvisoryUS Government Resource

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io