Vulnerabilities > CVE-2018-20733 - XXE vulnerability in SAS web Infrastructure Platform 9.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
sas
CWE-611

Summary

BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.

Vulnerable Configurations

Part Description Count
Application
Sas
7
Application
Hpe
1
OS
Ibm
1
OS
Linux
1
OS
Microsoft
1
OS
Oracle
1