An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: blackberry
Published: 2019-03-21T17:12:15
Updated: 2024-08-04T21:31:37.513Z
Reserved: 2019-02-21T00:00:00
Link: CVE-2019-8997
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-03-21T18:29:00.613
Modified: 2024-11-21T04:50:47.170
Link: CVE-2019-8997
Redhat
No data.