ГлавнаяУязвимости → CVE-2019-19144
9.8критическая

CVE-2019-19144

Описание

XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53631 Build304) devices via rest/Users?action=authenticate.

CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0004.mdhttps://www.quantum.com/products/disk-basedbackup/dxi6700/index.aspxhttps://github.com/atredispartners/advisories/blob/master/ATREDIS-2019-0004.md