Security Advisory

CVE-2014-0644

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-04-17 01:00:00

Last updated 2024-08-06 09:20:19

Assigner dell

State PUBLISHED

Description

EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by reading the /etc/shadow file.

← Browse all CVEs View on cve.org ↗