Vulnerabilities > CVE-2019-4391 - XXE vulnerability in Hcltech Appscan 9.0.3.13/9.0.3.14

047910
CVSS 8.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
LOW
network
low complexity
hcltech
CWE-611
NVD
Published: 2020-04-07
Updated: 2024-11-21

Summary

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

Vulnerable Configurations

Part Description Count
Application
Hcltech
3

Common Weakness Enumeration (CWE)

References