CVE-2018-16166

2019-01-0922:00:00

jpcert

www.cve.org

AI Score

8.6

Confidence

High

EPSS

0.008

Percentile

81.7%

JSON

LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.

CNA Affected

[
  {
    "product": "LogonTracer",
    "vendor": "JPCERT Coordination Center",
    "versions": [
      {
        "status": "affected",
        "version": "1.2.0 and earlier"
      }
    ]
  }
]

References

github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.1

jvn.jp/en/vu/JVNVU98026636/index.html