![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-41218 – Linux Kernel Vulnerability
September 23, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-40754 – Apache Airflow Vulnerability
September 23, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-41218 – Linux Kernel Vulnerability
September 23, 2022![Rewterz](https://www.rewterz.com/wp-content/uploads/2023/01/News.jpg)
Rewterz Threat Advisory – CVE-2022-40754 – Apache Airflow Vulnerability
September 23, 2022Severity
High
Analysis Summary
CVE-2022-40705
Apache SOAP is vulnerable to an XML external entity injection (XXE) attack when processing XML data, caused by a weakly configured XML parser in RPCRouterServlet. By using specially-crafted XML content in the configuration file, a remote attacker could exploit this vulnerability to read arbitrary files.
Impact
- Information Theft
Indicators Of Compromise
CVE
- CVE-2022-41218
Affected Vendors
- Apache
Affected Products
- Apache SOAP 2.2
Remediation
Refer to Apache Security Advisory for patch, upgrade or suggested workaround information.