CVE-2016-2340

2016-03-25T21:59:00
ID CVE-2016-2340
Type cve
Reporter cve@mitre.org
Modified 2017-04-07T01:59:00

Description

The AMF framework in Granite Data Services 3.1.1-SNAPSHOT allows remote authenticated users to read arbitrary files, send TCP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. <a href="http://cwe.mitre.org/data/definitions/611.html">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>