Due to missing validation of XML input, an unauthenticated attacker could send malicious input to an endpoint which leads to XML Entity Expansion attack. This causes limited impact on availability of the application.
Metrics
Affected Vendors & Products
References
History
Tue, 10 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 10 Dec 2024 00:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Due to missing validation of XML input, an unauthenticated attacker could send malicious input to an endpoint which leads to XML Entity Expansion attack. This causes limited impact on availability of the application. | |
Title | XML Entity Expansion Vulnerability in SAP NetWeaver AS JAVA | |
Weaknesses | CWE-611 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2024-12-10T00:12:24.270Z
Updated: 2024-12-10T20:38:26.239Z
Reserved: 2024-09-27T20:05:49.544Z
Link: CVE-2024-47582
Vulnrichment
Updated: 2024-12-10T20:38:22.466Z
NVD
Status : Received
Published: 2024-12-10T01:15:06.280
Modified: 2024-12-10T01:15:06.280
Link: CVE-2024-47582
Redhat
No data.