2 matches found
CVE-2022-40705
CVE-2022-40705 describes an XML External Entity (XXE) vulnerability in Apache SOAP’s RPCRouterServlet. A crafted XML payload can allow an unauthenticated attacker to read arbitrary files over HTTP. The CVSS v3.1 base score is 7.5 (HIGH); attack vector NETWORK, no user interaction required. Affect...
CVE-2022-45378
Affected Oracle WebCenter Portal versions include 12.2.1.4.0, where the Portal Core component (Apache SOAP) is vulnerable because its RPCRouterServlet is unauthenticated by default. This could allow an attacker to invoke methods on classpath entries and, depending on available classes, may lead to arbitra...