CVE-2014-0170

2014-09-3014:00:00

redhat

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

72.4%

JSON

Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XML External Entity (XXE) issue.

References

rhn.redhat.com/errata/RHSA-2014-1284.html

secunia.com/advisories/61530

www.securitytracker.com/id/1030886

exchange.xforce.ibmcloud.com/vulnerabilities/96192

issues.jboss.org/browse/TEIID-2911