CVE-2024-53675

HIGH

HPE Insight Remote Support < 7.14.0.629 - XML External Entity Injection

Title source: llm
STIX 2.1

Description

An XML external entity injection (XXE) vulnerability in HPE Insight Remote Support may allow remote users to disclose information in certain cases.

References (1)

Core 1

Scores

CVSS v3 7.3
EPSS 0.8394
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-611 CWE-91
Status published
Products (1)
hpe/insight_remote_support < 7.14.0.629
Published Nov 26, 2024
Tracked Since Feb 18, 2026