CVE-2018-17150

InterSystems Cache 2017.2.2.865.0 is affected by CVE-2018-17150, a Cross-Site Scripting (XSS) vulnerability caused by insufficient validation of client-side data in the WEB application. The CNVD entry confirms the vulnerability in the same version and describes the risk as execution of client-sid...

CVE-2004-2683

InterSystems Cache 5.0 is affected by a vulnerability in the %XML.Utils.SchemaServer class that could allow an attacker to read arbitrary files on the server. The connected entries confirm the vulnerable component and the impact (arbitrary file access), but do not provide concrete exploitation de...

CVE-2018-17152

This entry concerns Intersystems Cache 2017.2.2.865.0, which is reported to allow XML External Entity (XXE) processing. The vulnerability is identified as CVE-2018-17152. According to the provided data, the affected product/version is Intersystems Cache 2017.2.2.865.0, with XXE as the root issue....

CVE-2018-17151

CVE-2018-17151 affects Intersystems Cache 2017.2.2.865.0 and is described as an Incorrect Access Control issue. The CVSS‑3.0 metrics indicate a Network‑based, low‑privilege threat with no user interaction, yielding a Medium risk (CVSS 5.4/3.0) and partial confidentiality/integrity impact (low) wi...