Security Advisory

CVE-2013-7285

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-05-15 16:54:57

Last updated 2024-08-06 18:01:20

Assigner mitre

State PUBLISHED

Description

Xstream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any supported format. e.g. JSON.

← Browse all CVEs View on cve.org ↗