virus logo FortiClient Vulnerability

Sleuth Kit autopsy CVE-2018-1000838 XML External Entity Vulnerability

description-logoDescription

autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata.

affected-products-logoAffected Applications

autopsy

CVE References

CVE-2018-1000838

Other References

https://nvd.nist.gov/vuln/detail/CVE-2018-1000838
ID 2018
Created May 20, 2021
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Coverage FortiClient
OS Windows
Vendor The Sleuth Kit
Patch manual
Application autopsy