KLA10668
File access vulnerability in QlikTech QlikView
Обновлено: 17/06/2019
Дата обнаружения
16/09/2015
Уровень угрозы
High
Описание

XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data.

Пораженные продукты

QlikTech Qlikview versions earlier than 11.20 SR12

Решение

Update to the latest version
Get QlikView

Оказываемое влияние
?
RLF 
[?]
CVE-IDS