CVE-2021-21517

by Fred · 01/03/2021

SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service.

Date published : 2021-03-01

https://www.dell.com/support/kbdoc/en-us/000183576/dsa-2021-045-dell-emc-srs-policy-manager-security-update-for-external-entity-injection-vulnerability

CVE-2021-21517

Similar

Recent Posts

Categories

CVE-2021-21517

Share this:

Similar

Recent Posts

Categories

Tags