Vulnerability Details CVE-2024-6893
The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.899
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 7.5
References