An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.
References
Link | Resource |
---|---|
https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003 | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-02-04 20:29
Updated : 2018-02-22 08:50
NVD link : CVE-2018-5789
Mitre link : CVE-2018-5789
JSON object : View
CWE
CWE-611
Improper Restriction of XML External Entity Reference
Products Affected
extremewireless
- wing