Vulnerabilities > CVE-2018-16792 - XXE vulnerability in Solarwinds Sftp/Scp Server 20180910
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |