Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCertccCVELIST:CVE-2013-3617
HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-3617

2022-10-0316:14:44
certcc
www.cve.org
openbravo erp
xml api
remote authenticated users
arbitrary files
xxe issue

6.3 Medium

AI Score

Confidence

Low

0.299 Low

EPSS

Percentile

97.0%

JSON

The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity reference to /ws/dal/ADUser or other /ws/dal/XXX interfaces, related to an XML External Entity (XXE) issue.

Related

prion 1
nvd 1
cve 1
cert 1
checkpoint_advisories 2
prion
prion
Xxe
2013-11-02 19:55:00
nvd
nvd
CVE-2013-3617
2013-11-02 19:55:04
cve
cve
CVE-2013-3617
2022-10-03 16:14:44
cert
cert
Openbravo ERP contains an information disclosure vulnerability
2013-10-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Products XML Public External Entity Information Disclosure (CVE-2013-3617; CVE-2013-4152; CVE-2013-6429; CVE-2014-0002; CVE-2014-0423)
2013-09-29 00:00:00
Multiple Products XML System External Entity Information Disclosure (CVE-2013-3617; CVE-2013-4152; CVE-2013-6429; CVE-2014-0002; CVE-2014-0054; CVE-2014-0423)
2013-09-29 00:00:00

6.3 Medium

AI Score

Confidence

Low

0.299 Low

EPSS

Percentile

97.0%

JSON
Related for CVELIST:CVE-2013-3617
prion1nvd1cve1cert1checkpoint_advisories2