XML Validation Vulnerability in Apache OpenMeetings by Apache
CVE-2017-7664

10CRITICAL

Key Information:

Vendor: Apache
Status: Apache Openmeetings
Vendor: CVE Published:; 17 July 2017

What is CVE-2017-7664?

The vulnerability involves a failure in correctly validating uploaded XML documents in Apache OpenMeetings 3.1.0. This flaw can potentially allow malicious users to upload harmful XML files, which may lead to various security issues within the application. It is crucial for users and administrators of Apache OpenMeetings to assess their systems and apply necessary security measures to mitigate the impact of this vulnerability.

Affected Version(s)

Apache OpenMeetings 3.1.0

References

http://www.securityfocus.com/bid/99576

vdb-entryx_refsource_BID

http://markmail.org/message/cwr552iapmhukb45

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 17, 2017
Vulnerability Reserved
Apr 11, 2017