Security Advisory - XML Bomb Vulnerability in AnyOffice

2016-09-07T00:00:00
ID HUAWEI-SA-20160907-01-ANYOFFICE
Type huawei
Reporter Huawei Technologies
Modified 2016-09-07T00:00:00

Description

AnyOffice Enterprise Mobile Management (EMM) is a module of the AnyOffice, which provides the mobile terminal management function. The XML Bomb vulnerability in the AnyOffice EMM could allow an authenticated, remote attacker to cause the software to deny services by uploading an XML bomb. (Vulnerability ID: HWPSIRT-2016-08063) Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160907-01-anyoffice-en