OBDA Mastro 1.0 xml entity expansion

A vulnerability classified as problematic was found in OBDA Mastro 1.0. The affected component is unknown. No countermeasures are known. Replacing the affected product with an alternative may be advisable.

| Field | 06/22/2022 08:02 AM | 06/25/2022 08:53 AM |
| --- | --- | --- |
| vendor | OBDA | OBDA |
| name | Mastro | Mastro |
| version | 1.0 | 1.0 |
| cwe | 776 (xml entity expansion) | 776 (xml entity expansion) |
| risk | 1 | 1 |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | N | N |
| cvss3_vuldb_i | N | N |
| cvss3_vuldb_a | L | L |
| cve | CVE-2021-40511 | CVE-2021-40511 |
| cve_assigned | 1630706400 (09/04/2021) | 1630706400 (09/04/2021) |
| date | 1655848800 (06/22/2022) | 1655848800 (06/22/2022) |
| cvss2_vuldb_ci | N | N |
| cvss2_vuldb_ii | N | N |
| cvss2_vuldb_ai | P | P |
| cvss2_vuldb_av | A | A |
| cvss2_vuldb_ac | M | M |
| cvss2_vuldb_au | S | S |
| cvss2_vuldb_e | ND | ND |
| cvss2_vuldb_rl | ND | ND |
| cvss2_vuldb_rc | ND | ND |
| cvss3_vuldb_av | A | A |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | L | L |
| cvss3_vuldb_ui | N | N |
| cvss3_vuldb_e | X | X |
| cvss3_vuldb_rl | X | X |
| cvss3_vuldb_rc | X | X |
| cvss2_vuldb_basescore | 2.3 | 2.3 |
| cvss2_vuldb_tempscore | 2.3 | 2.3 |
| cvss3_vuldb_basescore | 3.5 | 3.5 |
| cvss3_vuldb_tempscore | 3.5 | 3.5 |
| cvss3_meta_basescore | 3.5 | 3.5 |
| cvss3_meta_tempscore | 3.5 | 3.5 |
| price_0day | $0-$5k | $0-$5k |
| cve_nvd_summary | OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service. | OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service. |

url: https://www.cyberiskvision.com/advisory/
