Vulnerabilities > CVE-2018-9116 - XXE vulnerability in Wiremock

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
wiremock
CWE-611
critical
NVD
Published: 2018-03-29
Updated: 2023-11-07

Summary

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service.

Vulnerable Configurations

Part Description Count
Application
Wiremock
67

Common Weakness Enumeration (CWE)

References