CVE-2023-37364
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Aug 3, 2023
Updated: Aug 8, 2023
CWE ID 611
Summary
CVE-2023-37364 is a vulnerability affecting WS-Inc J WBEM Server version 4.7.4 and below. The issue lies in the CIM-XML protocol adapter, which fails to disable entity resolution. This oversight allows attackers to read arbitrary files or cause a denial of service, reminiscent of the vulnerability outlined in CVE-2013-4152.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share