CVE-2017-7503

State: PUBLISHED · Published: 2017-05-18 · Updated: 2024-08-05 · Assigner: redhat

Description

It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.

CWE

(none)

Affected

Red Hat, Inc. / JBoss Enterprise Application Platform — v=7.0.5 [affected]

CVSS

(none)

References

http://www.securityfocus.com/bid/98546 vdb-entry, x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=1451960 x_refsource_CONFIRM

Source

cvelistV5-main/cves/2017/7xxx/CVE-2017-7503.json