How severe is CVE-2016-5795?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2016-5795?

This is classified as CWE-611, which is a common weakness in software security.

CVE-2016-5795

HIGH Year: 2016

CVSS v3 Score

7.3

High

CVSS v2 Score

7.5

High

Weakness Type

CWE-611

View all →

Vulnerability Description

An XXE issue was discovered in Automated Logic Corporation (ALC) Liebert SiteScan Web Version 6.5 and prior, ALC WebCTRL Version 6.5 and prior, and Carrier i-Vu Version 6.5 and prior. An attacker could enter malicious input to WebCTRL, i-Vu, or SiteScan Web through a weakly configured XML parser causing the application to execute arbitrary code or disclose file contents from a server or connected network.

CVE-2017-5661

HIGH

CVSS:7.3(High)

In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend o...

CWE-6112017

CVE-2017-5662

HIGH

CVSS:7.3(High)

In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depe...

CWE-6112017

CVE-2018-12463

HIGH

CVSS:7.3(High)

An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side reques...

CWE-6112018

CVE-2018-15444

HIGH

CVSS:7.3(High)

A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on a...

CWE-6112018