216.73.217.64

CVE-2024-42185

· Published 23/01/2025 03:15 · Modified 23/01/2025 03:15

Labels: CVE-2024-42185 2025-01-23CVE-2024-42185CWE-611[email protected]

Essential information

Published
23/01/2025 03:15
Modified
23/01/2025 03:15
Author
Creator
CVSS
2.5 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N

CVSS metrics

Description

BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML content, which can lead to various issues including denial of service and unauthorized access.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References