CVE-2021-20839

2021-11-0101:50:16

jpcert

www.cve.org

6.9 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.0%

JSON

Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity (XXE) attack to cause a denial of service (DoS) condition to the other servers by processing a specially crafted XML document.

CNA Affected

[
  {
    "product": "Office Server Document Converter",
    "vendor": "Antenna House, Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "V7.2MR4 and earlier and V7.1MR7 and earlier"
      }
    ]
  }
]