CVE-2024-4189

MEDIUM Year: 2024
CVSS v3 Score
8.0
High
Weakness Type
CWE-611
View all →

Vulnerability Description

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Related Vulnerabilities

CVE-2017-6323

HIGH
CVSS:8.0(High)

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly con...

CWE-6112017

CVE-2019-18943

HIGH
CVSS:8.0(High)

Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.

CWE-6112019

CVE-2024-4184

MEDIUM
CVSS:8.0(High)

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and b...

CWE-6112024

CVE-2024-4690

MEDIUM
CVSS:8.0(High)

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and b...

CWE-6112024

CVE-2016-3033

HIGH
CVSS:8.1(High)

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity dec...

CWE-6112016

CVE-2016-3055

HIGH
CVSS:8.1(High)

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external...

CWE-6112016