The Unica application exposes an API which accepts arbitrary XML input. By manipulating the given XML, an authenticated attacker with certain rights can successfully perform XML External Entity attacks (XXE) against the backend service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2023-08-03T21:14:43.014Z
Updated: 2024-08-02T17:16:30.168Z
Reserved: 2023-07-06T16:11:32.538Z
Link: CVE-2023-37497
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-03T22:15:12.257
Modified: 2023-08-08T14:49:09.140
Link: CVE-2023-37497
Redhat
No data.