CVE-2014-5035

2014-08-26T14:55:00
ID CVE-2014-5035
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:49:00

Description

The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.