CVE-2020-10629

Summary

WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files.

Affected Software

VendorProductVersion RangeStatus
n/aWebAccess/NMSVersions prior to 3.0.2affected

Weaknesses

  • CWE-611: IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611

ADP Enrichment

CVE Program Container

Additional References

References