Vulnerabilities > CVE-2021-38490 - XML Entity Expansion vulnerability in Altova Mobiletogether Server 7.0/7.3

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
altova
CWE-776
NVD
Published: 2021-08-10
Updated: 2021-08-18

Summary

Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.

Vulnerable Configurations

Part Description Count
Application
Altova
2

Common Weakness Enumeration (CWE)

References