An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: blackberry

Published: 2019-03-21T17:12:15

Updated: 2024-08-04T21:31:37.513Z

Reserved: 2019-02-21T00:00:00

Link: CVE-2019-8997

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-21T18:29:00.613

Modified: 2024-11-21T04:50:47.170

Link: CVE-2019-8997

cve-icon Redhat

No data.