CRITICAL🇬🇧 English

CVE-2017-14759

CVSS 9.8v3.0pub. 2017-10-03upd. 2026-05-13

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versions might be affected as well) is prone to an XML External Entity vulnerability: /xFramework/services/QuickDoc.QuickDocHttpSoap11Endpoint/. An unauthenticated user is able to read directory listings or system files, or cause SSRF or Denial of Service.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Opentext Document Sciences Xpression

    APP
    Opentext
    ≤ 4.5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
SSRFDoSXXE
CWE
Referencje

Powiązane podatności

CVE-2017-14960HIGH7.5ten sam produkt

xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13...

CVE-2017-14757HIGH8.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14758HIGH8.8ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14754MEDIUM6.5ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-14755MEDIUM6.1ten sam produkt

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...