CVE-2022-45194

CVE-2022-45194 describes XXE abuse in CBRN-Analysis prior to version 22 via an am mws XML document, leading to NTLMv2-SSP hash disclosure. Connected sources confirm affected software (CBRN-Analysis) and root cause (external entity processing in XML). The PT-2022-27424 advisory explicitly recommen...