An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.
References
Link | Resource |
---|---|
https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003 | Mitigation Vendor Advisory |
https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003 | Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 04:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003 - Mitigation, Vendor Advisory |
Information
Published : 2018-02-05 04:29
Updated : 2024-11-21 04:09
NVD link : CVE-2018-5789
Mitre link : CVE-2018-5789
CVE.ORG link : CVE-2018-5789
JSON object : View
Products Affected
extremewireless
- wing
CWE
CWE-611
Improper Restriction of XML External Entity Reference