3 matches found
CVE-2023-23595
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...
Format string
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...
PT-2023-19067 · Blue Coat · Bluecat Device Registration Portal
Name of the Vulnerable Software and Affected Versions: BlueCat Device Registration Portal version 2.2 Description: The issue allows XXE attacks that can exfiltrate single-line files, potentially containing credentials, such as those found in .netrc files. For example, a single-line file might...