Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:38 a.m.13 views

CVE-2022-40705

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

7.5CVSS6.8AI score0.01414EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/05 1:24 p.m.65 views

Security Bulletin: There is a vulnerability in Apache SOAP used by IBM Maximo Asset Management (CVE-2022-40705)

Summary There is a vulnerability in Apache SOAP used by IBM Maximo Asset Management. Vulnerability Details CVEID:CVE-2022-40705 DESCRIPTION: Apache SOAP is vulnerable to an XML external entity injection XXE attack when processing XML data, caused by a weakly configured XML parser in...

7.5CVSS7.5AI score0.01414EPSS
Exploits0Affected Software11
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/02 8:39 p.m.72 views

Security Bulletin: There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-40705)

Summary There is a security vulnerability in Apache SOAP used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-40705 DESCRIPTION: Apache SOAP is vulnerable to an XML external entity injection XXE attack when processing XML data, caused by a...

7.5CVSS7.6AI score0.01414EPSS
Exploits0Affected Software1
NVD
NVD
added 2022/09/22 9:15 a.m.26 views

CVE-2022-40705

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

7.5CVSS0.01414EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/09/22 8:15 a.m.12 views

CVE-2022-40705 Apache SOAP: XML External Entity Injection (XXE) allows unauthenticated users to read arbitrary files via HTTP

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

6.8AI score0.01414EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/22 8:15 a.m.28 views

CVE-2022-40705 Apache SOAP: XML External Entity Injection (XXE) allows unauthenticated users to read arbitrary files via HTTP

An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects Apache SOAP version 2.2 and later versions. It is unknown whether previous versions are also affected. NOTE: This...

7.8AI score0.01414EPSS
Exploits0References2
CVE
CVE
added 2022/09/22 8:15 a.m.405 views

CVE-2022-40705

CVE-2022-40705 describes an XML External Entity (XXE) vulnerability in Apache SOAP’s RPCRouterServlet. A crafted XML payload can allow an unauthenticated attacker to read arbitrary files over HTTP. The CVSS v3.1 base score is 7.5 (HIGH); attack vector NETWORK, no user interaction required. Affect...

7.5CVSS7.4AI score0.01414EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder