CVE-2018-20733: XEE
First published: Thu Jan 17 2019(Updated: )
BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| <9.4 | ||
| =9.4 | ||
| =9.4-maintenance_release_1 | ||
| =9.4-maintenance_release_2 | ||
| =9.4-maintenance_release_3 | ||
| =9.4-maintenance_release_4 | ||
| =9.4-maintenance_release_5 | ||
| IBM AIX | ||
| Linux Linux kernel | ||
| Microsoft Windows | ||
| Oracle Solaris |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2018-20733.
What is the title of this vulnerability?
The title of this vulnerability is BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE.
What is the severity rating of CVE-2018-20733?
CVE-2018-20733 has a severity rating of 7.5 (high).
Which software versions are affected by CVE-2018-20733?
BI Web Services in SAS Web Infrastructure Platform versions before 9.4M6 are affected by CVE-2018-20733.
How can I fix the vulnerability CVE-2018-20733?
To fix the vulnerability CVE-2018-20733, update your SAS Web Infrastructure Platform to version 9.4M6 or later.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sas
- vendor/hpe
- vendor/ibm
- canonical/ibm aix
- vendor/linux
- canonical/linux linux kernel
- vendor/microsoft
- canonical/microsoft windows
- vendor/oracle
- canonical/oracle solaris