- CVE ID
- CVE-2017-7503
- CVE Description
- It was found that the Red Hat JBoss EAP 7.0.5 implementation of javax.xml.transform.TransformerFactory is vulnerable to XXE. An attacker could use this flaw to launch DoS or SSRF attacks, or read files from the server where EAP is deployed.
- Published
- Jul 12, 2017
- CVSS Score & Severity
9.8Critical
- CVSS Vector
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- EPSS Score
- 2.007%
- KEV Status
Not in KEV Catalog: No known exploits
- Source
- National Vulnerability Database