CVSS 3.1 Score 2.8 of 10 (low)


Published Dec 11, 2023
Updated: Dec 13, 2023
CWE ID 611


CVE-2023-6194 is a vulnerability found in Eclipse Memory Analyzer versions 0.7 to 1.14.0. The vulnerability allows users to use a malicious report definition XML file containing an external entity reference, which can lead to the access of external files or URLs defined via a DTD in the report definition. This vulnerability affects various products including t0YY9r, t0YY9s, jIjgYO, jIjgYP, jIjgYM, jIjgYN, and more. The risk score for this vulnerability is 25 and it has a base severity of LOW. Organizations can remediate this vulnerability by updating the affected versions of Eclipse Memory Analyzer to a secure version that filters DTD references to external entities.

Leverage our Vulnerability Intelligence module to secure your systems now - get detailed insights on CVE-2024-37364. Book your demo today.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-6194 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options