CVE-2019-18943 is a vulnerability in Micro Focus Solutions Business Manager
Published on February 26, 2021

XML External Entity processing
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

REQUIRED

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

What is a XXE Vulnerability?

The software processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

CVE-2019-18943 has been classified to as a XXE vulnerability or weakness.

Products Associated with CVE-2019-18943

Want to know whenever a new CVE is published for Micro Focus Solutions Business Manager? stack.watch will email you.

Micro Focus Solutions Business Manager

Affected Versions

Micro Focus Solutions Business Manager Version < 11.7.1 is affected by CVE-2019-18943

Exploit Probability

EPSS

0.11%

Percentile

29.21%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.