Unrated severityNVD Advisory· Published Mar 1, 2021· Updated Sep 17, 2024
CVE-2021-21517
CVE-2021-21517
Description
SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: unspecified
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.