CVE-2024-3930

In versions of Akana API Platform prior to 2024.1.0a flaw resulting in XML External Entity (XXE) was discovered.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
PerforceCNA
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
perforceakana_api
𝑥
< 2024.1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portal.perforce.com/s/detail/a91PA000001SUKLYA4
https://portal.perforce.com/s/detail/a91PA000001SUKLYA4