VAR-201708-0163
Vulnerability from variot - Updated: 2023-12-18 13:29An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network. ALC WebCTRL , i-Vu ,and SiteScan Web Is XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AutomatedLogic provides a complete set of building electrical and mechanical control systems for the majority of users, including central air conditioning automatic control, power distribution monitoring, water supply and drainage monitoring, lighting monitoring and elevator monitoring. The system has been widely used in the United States, China and other regions. There are XML external entity vulnerabilities in multiple devices of AutomatedLogicCorporation. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-0163",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "automatedlogic webctrl",
"scope": "lte",
"trust": 1.0,
"vendor": "carrier",
"version": "6.5"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 1.0,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "i-vu",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "lte",
"trust": 0.8,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "carrier i-vu",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.5"
},
{
"model": "alc webctrl",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.5"
},
{
"model": "liebert sitescan web",
"scope": "lte",
"trust": 0.6,
"vendor": "automated logic",
"version": "\u003c=6.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.6,
"vendor": "automatedlogic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "webctrl",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "sitescan web",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.1"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "6.0"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.5"
},
{
"model": "i-vu",
"scope": "eq",
"trust": 0.3,
"vendor": "automated logic",
"version": "5.2"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i vu",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sitescan web",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "webctrl",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "BID",
"id": "100558"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:automatedlogic:i-vu:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:automatedlogic:sitescan_web:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:carrier:automatedlogic_webctrl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.5",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5795"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Evgeny Ermakov from Kaspersky Lab.",
"sources": [
{
"db": "BID",
"id": "100558"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5795",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-5795",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-24364",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-5795",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-5795",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-24364",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201708-1409",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network. ALC WebCTRL , i-Vu ,and SiteScan Web Is XML An external entity vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. AutomatedLogic provides a complete set of building electrical and mechanical control systems for the majority of users, including central air conditioning automatic control, power distribution monitoring, water supply and drainage monitoring, lighting monitoring and elevator monitoring. The system has been widely used in the United States, China and other regions. There are XML external entity vulnerabilities in multiple devices of AutomatedLogicCorporation. \nAttackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "BID",
"id": "100558"
},
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5795",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-17-150-01",
"trust": 3.3
},
{
"db": "BID",
"id": "100558",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2017-24364",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818",
"trust": 0.8
},
{
"db": "IVD",
"id": "52EF8BD8-D974-45FB-AA99-07306C190DE3",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "BID",
"id": "100558"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"id": "VAR-201708-0163",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
}
],
"trust": 0.08
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
}
]
},
"last_update_date": "2023-12-18T13:29:14.908000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.automatedlogic.com/"
},
{
"title": "AutomatedLogicCorporation Patch for Multiple Device XML External Entity Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/101402"
},
{
"title": "ALC Liebert SiteScan Web , ALC WebCTRL and Carrier i-Vu Fixes for cross-site scripting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=74504"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-611",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-150-01"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100558"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5795"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5795"
},
{
"trust": 0.3,
"url": "http://www.automatedlogic.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "BID",
"id": "100558"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"db": "BID",
"id": "100558"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-02T00:00:00",
"db": "IVD",
"id": "52ef8bd8-d974-45fb-aa99-07306c190de3"
},
{
"date": "2017-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100558"
},
{
"date": "2017-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"date": "2017-08-31T21:29:00.187000",
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"date": "2017-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-24364"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100558"
},
{
"date": "2017-09-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008818"
},
{
"date": "2021-07-27T19:25:34.713000",
"db": "NVD",
"id": "CVE-2016-5795"
},
{
"date": "2021-08-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural ALC In product XML External entity vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201708-1409"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…