CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37364

In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows context-dependent attackers to read arbitrary files or cause a denial of service, a similar issue to CVE-2013-4152.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.7%

CVSS Severity

CVSS v3 Score 9.1

References

https://ws-inc.com
https://ws-inc.com/security.html
https://ws-inc.com
https://ws-inc.com/security.html

Products affected by CVE-2023-37364

Ws-Inc » J Wbem » Version: 4.0.0

cpe:2.3:a:ws-inc:j_wbem:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37364

Products

Pricing

Contact Us