CVE-2019-6179

CWE-611XML External Entity (XXE)3 documents3 sources
Severity
7.5HIGH
EPSS
0.3%
top 47.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Lenovo Xclarity Administrator (lxca)Lenovo Xclarity Integrator (lxci) FOR Microsoft System CenterLenovo Xclarity Integrator (lxci) FOR Vmware Vcenter+2 more
Timeline
PublishedSep 3
Latest updateMay 24

Description

An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages5 packages

CVEListV5lenovo/xclarity_administrator_(lxca)unspecified2.5.0

🔴Vulnerability Details

2
GHSA
GHSA-m7jw-5wwc-gxwh: An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 22022-05-24
CVEList
CVE-2019-6179: An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 22019-09-03
CVE-2019-6179 (HIGH CVSS 7.5) | An XML External Entity (XXE) proces | cvebase.io