46 matches found

BDU FSTEC
added 2023/01/23 12:0 a.m., 1 view

The vulnerability of the IBM Sterling Partner Engagement Manager software lies in the improper limitation of XML links to external objects, which allows attackers to disclose protected information.

The vulnerability of the IBM Sterling Partner Engagement Manager software relates to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose sensitive information...

CVSS 7.1, AI score 7, EPSS 0.00418
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2022/06/29 12:0 a.m., 1 view

The vulnerability of the Teamcenter product lifecycle management system lies in the improper restriction of XML references to external objects, which allows attackers to perform XXE attacks.

The vulnerability of the Teamcenter product lifecycle management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to perform XXE attacks remotely...

CVSS 7.8, EPSS 0.00307
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2022/05/18 12:0 a.m., 1 view

The vulnerability of the software solution that supports the closing, consolidation, and reporting processes of IBM Cognos Controller arises from incorrect restrictions on XML references to external objects. This allows attackers to disclose sensitive information or exploit memory resources.

The vulnerability of the software solution that supports the closing, consolidation, and reporting processes of IBM Cognos Controller is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...

CVSS 8.5, EPSS 0.0037
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2022/05/18 12:0 a.m., 2 views

The vulnerability of the software solution that supports the closing, consolidation, and reporting processes of IBM Cognos Controller arises from incorrect restrictions on XML references to external objects. This allows attackers to disclose sensitive information or exploit memory resources.

The vulnerability of the IBM Cognos Controller software, which supports closing processes, consolidating data, and generating reports, is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to disclose sensitive...

CVSS 8.5, EPSS 0.0037
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2021/12/28 12:0 a.m., 0 views

The vulnerability of the Adobe Experience Manager content and media data management system lies in the improper limitation of XML links to external objects, which allows attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager content and media data management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code...

CVSS 10, EPSS 0.01033
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2021/12/01 12:0 a.m., 1 view

The vulnerability of the Adobe Experience Manager content and media data management system lies in the improper limitation of XML links to external objects, which allows attackers to access confidential information.

The vulnerability of the Adobe Experience Manager content and media data management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

CVSS 7.8, EPSS 0.01035
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2021/11/25 12:0 a.m., 1 view

The vulnerability of the Adobe Experience Manager content and media data management system lies in the improper limitation of XML links to external objects, which allows attackers to access confidential information.

The vulnerability of the Adobe Experience Manager content and media data management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

CVSS 7.5, EPSS 0.54798
Exploits: 0, References: 3, Affected Software: 1

Rosalinux
added 2021/07/02 4:37 p.m., 11 views

Advisory ROSA-SA-2021-1819

Software: cvs 1.11.23. OS: Cobalt 7.9. CVE-ID: CVE-2020-2324. CVE-Crit: HIGH. CVE-DESC: The Jenkins CVS plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. CVE-STATUS: default. CVE-REV: default...

CVSS 7.5, AI score 7.1, EPSS 0.00147
Exploits: 0

BDU FSTEC
added 2021/06/10 12:0 a.m., 1 view

The vulnerability of the online business analytics service IBM Cognos Analytics lies in the improper restriction of XML links to external objects. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of the online business analytics service IBM Cognos Analytics is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause service failures...

CVSS 8.5, EPSS 0.00104
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2021/06/10 12:0 a.m., 2 views

The vulnerability of the online business analytics service IBM Cognos Analytics, related to incorrect restrictions on XML links to external objects, allows attackers to compromise the confidentiality and accessibility of protected information.

The vulnerability of the online business analytics service IBM Cognos Analytics is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and accessibility of protected information...

CVSS 7.5, EPSS 0.00575
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2021/03/02 12:0 a.m., 1 view

The vulnerability of the Nokogiri library lies in the improper limitation of XML links to external objects, which allows attackers to perform SSRF attacks or XXE attacks.

The vulnerability of the Nokogiri library is related to an incorrect limitation on XML links to external objects. Exploiting this vulnerability allows a remote attacker to perform an SSRF attack or an XXE attack...

CVSS 4.3, EPSS 0.00259
Exploits: 0, References: 9, Affected Software: 5

BDU FSTEC
added 2021/02/11 12:0 a.m., 2 views

The vulnerability of the Windows Media Center multimedia playback application stems from incorrect restrictions on XML links to external objects, which allows attackers to exploit this flaw to disclose protected information.

The vulnerability of the Windows Media Center multimedia playback application is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability could allow a malicious actor to disclose protected information using a specially crafted .mcl file...

CVSS 10, AI score 5.5
Exploits: 0, References: 2

BDU FSTEC
added 2020/12/01 12:0 a.m., 2 views

The vulnerability of Intel Quartus Prime Pro and Intel Quartus Prime Standard automated design systems lies in improper restrictions on XML links to external objects, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Intel Quartus Prime Pro and Intel Quartus Prime Standard automated design systems is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...

CVSS 7.8, EPSS 0.00393
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2020/07/21 12:0 a.m., 2 views

The vulnerability in the vManage web interface of the Cisco SD-WAN software-defined network allows an intruder to gain unauthorized access to protected information.

The vulnerability in the vManage web interface of the Cisco SD-WAN software-defined network is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

CVSS 6.8, EPSS 0.00313
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2019/11/19 12:0 a.m., 0 views

The vulnerability in the web interface of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows a perpetrator to disclose protected information or cause service failures.

The vulnerability of the web interface for Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to disclose...

CVSS 6.4, EPSS 0.00428
Exploits: 0, References: 3

BDU FSTEC
added 2019/04/19 12:0 a.m., 1 view

The vulnerability of Microsoft XML Core Services (MSXML) on the Windows operating system allows a perpetrator to execute arbitrary code.

The vulnerability of Microsoft XML Core Services (MSXML) in the Windows operating system is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote...

CVSS 9.3, AI score 8.1, EPSS 0.28171
Exploits: 0, References: 4

BDU FSTEC
added 2019/04/17 12:0 a.m., 1 view

The vulnerability of the XML parser of the Internet Explorer browser allows an attacker to disclose protected information.

The vulnerability of the XML parser of the Internet Explorer browser is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow an attacker to gain access to local files and disclose protected information using a specially crafted MHT file MHTML Web Archi...

CVSS 5, AI score 5.5
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2018/03/16 12:0 a.m., 1 view

The vulnerability of the Zabbix universal monitoring system arises from incorrect restrictions on XML links to external objects, allowing a perpetrator to execute arbitrary code or read arbitrary files.

The vulnerability of the Zabbix universal monitoring system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or read arbitrary files using a specially crafted XML request...

CVSS 9.8, AI score 8.2, EPSS 0.04287
Exploits: 1, References: 8, Affected Software: 1

BDU FSTEC
added 2018/02/21 12:0 a.m., 2 views

The vulnerability of the FloorPlanApp component, a software integration platform of SAP NetWeaver, allows a perpetrator to access confidential information or cause service failures.

The vulnerability of the FloorPlanApp component of the SAP NetWeaver software integration platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information or cause service...

CVSS 8.5, AI score 5.5
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2017/11/03 12:0 a.m., 2 views

The vulnerability of the Document Sciences xPression enterprise automation system arises from incorrect restrictions on XML references to external objects. This allows attackers to gain access to system files, perform SSRF attacks, or cause service failures.

The vulnerability of the Document Sciences xPression enterprise automation system arises from an incorrect limitation on XML references to external objects (/xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/). Exploiting this vulnerability could allow a malicious actor to gain access to syst...

CVSS 9.8, AI score 7.8, EPSS 0.00464
Exploits: 1, References: 3