Dell: >> Emc Srs Policy Manager Security Vulnerabilities
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service.
CVSS Score
7.2
EPSS Score
0.004
Published
2021-03-01