Vulnerabilities > CVE-2024-4184 - XXE vulnerability in Microfocus Application Automation Tools 5.1/5.2

CVSS 8.0 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

microfocus

CWE-611

NVD

Published: 2024-10-16

Updated: 2024-10-21

Summary

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Vulnerable Configurations

Part	Description	Count
Application	Microfocus Microfocus Application Automation Tools 5.1 Microfocus Application Automation Tools 5.2	2

Common Weakness Enumeration (CWE)

CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')

References

https://portal.microfocus.com/s/article/KM000033540?language=en_US