Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure.
Metrics
Affected Vendors & Products
References
History
Thu, 17 Oct 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dell
Dell emc Appsync |
|
CPEs | cpe:2.3:a:dell:emc_appsync:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dell
Dell emc Appsync |
Wed, 09 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 09 Oct 2024 07:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure. | |
Weaknesses | CWE-611 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2024-10-09T06:48:53.639Z
Updated: 2024-10-09T13:25:52.908Z
Reserved: 2024-06-26T02:16:08.993Z
Link: CVE-2024-39586
Vulnrichment
Updated: 2024-10-09T13:25:46.160Z
NVD
Status : Analyzed
Published: 2024-10-09T07:15:09.473
Modified: 2024-10-17T14:30:02.843
Link: CVE-2024-39586
Redhat
No data.