Vulnerability Details CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.916
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2022-2414
-
cpe:2.3:a:dogtagpki:dogtagpki:10.11.2
-
cpe:2.3:a:dogtagpki:dogtagpki:10.12.4
-
cpe:2.3:a:dogtagpki:dogtagpki:10.5.18
-
cpe:2.3:a:dogtagpki:dogtagpki:10.7.4
-
cpe:2.3:a:dogtagpki:dogtagpki:10.8.3
-
cpe:2.3:a:dogtagpki:dogtagpki:11.0.5
-
cpe:2.3:a:dogtagpki:dogtagpki:11.1.0