Vulnerability Details : CVE-2018-1000838
autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Specially crafted CaseMetadata.
Vulnerability category: XML external entity (XXE) injectionServer-side request forgery (SSRF) Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2018-1000838
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 57 %
Percentile, the proportion of vulnerabilities that are scored at or less