VISAM VBASE version 11.6.0.6 processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-308-01 | Mitigation Third Party Advisory US Government Resource |
Configurations
Information
Published : 2022-07-27 14:15
Updated : 2022-08-05 07:47
NVD link : CVE-2021-42537
Mitre link : CVE-2021-42537
JSON object : View
CWE
CWE-611
Improper Restriction of XML External Entity Reference
Products Affected
visam
- vbase_web-remote