Description

An XXE issue in the Director NBR component in NAKIVO Backup & Replication 10.3.x through 11.0.1 before 11.0.2 allows remote attackers fetch and parse the XML response.

Related CPE's

Could not find any relations

References

https://helpcenter.nakivo.com/Knowledge-Base/Content/Security-Advisory/CVE-2025-32406.htm

Weaknesses

[email protected]

Secondary
CWE-611

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

8.6 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Awaiting analysis

Published

2025-04-08T15:15:50.677

1 month ago

Last modified

2025-04-08T18:16:08.917

1 month ago