An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors.
Metrics
Affected Vendors & Products
References
History
Wed, 08 Jan 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-125 | |
Metrics |
cvssV3_1
|
Tue, 07 Jan 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-01-07T00:00:00
Updated: 2025-01-08T14:58:56.489Z
Reserved: 2024-05-17T00:00:00
Link: CVE-2024-35532

Updated: 2025-01-08T14:58:49.258Z

Status : Received
Published: 2025-01-07T20:15:29.627
Modified: 2025-01-08T15:15:17.793
Link: CVE-2024-35532

No data.