Windows Event Viewer XML External Entity (XXE) Vulnerability

CVE-2019-0948 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity, aka 'Windows Event Viewer Information Disclosure Vulnerability'.

Learn more about our External Network Penetration Testing.