How severe is CVE-2018-5433?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2018-5433?

This is classified as CWE-611, which is a common weakness in software security.

CVE-2018-5433 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and including 5.9.1.

Related Vulnerabilities

CVE-2011-4107

MEDIUM

CVSS:6.5(Medium)

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary...

CWE-6112011

CVE-2012-0037

MEDIUM

CVSS:6.5(Medium)

Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read ...

CWE-6112012

CVE-2012-3489

MEDIUM

CVSS:6.5(Medium)

The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users ...

CWE-6112012

CVE-2014-3599

MEDIUM

CVSS:6.5(Medium)

HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy

CWE-6112014

CVE-2015-0194

MEDIUM

CVSS:6.5(Medium)

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

CWE-6112015

CVE-2015-7743

MEDIUM

CVSS:6.5(Medium)

XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses ...

CWE-6112015