Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-12216
HistorySep 07, 2017 - 9:00 p.m.

CVE-2017-12216

2017-09-0721:00:00
CWE-200
cisco
www.cve.org
4

AI Score

8.7

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file with malicious entries, which could allow the attacker to read and write files and execute remote code within the application. Cisco Bug IDs: CSCvf47946.

CNA Affected

[
  {
    "product": "Cisco SocialMiner",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco SocialMiner"
      }
    ]
  }
]

Related

cisco 1
cve 1
prion 1
nvd 1
cisco
cisco
Cisco SocialMiner XML External Entity Injection Vulnerability
2017-09-06 16:00:00
cve
cve
CVE-2017-12216
2017-09-07 21:29:00
prion
prion
Xxe
2017-09-07 21:29:00
nvd
nvd
CVE-2017-12216
2017-09-07 21:29:00

AI Score

8.7

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON
Related for CVELIST:CVE-2017-12216
cisco1cve1prion1nvd1