Vulnerability Details CVE-2022-25628
An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-25628
-
cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.3
-
cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4