Xxe

2014-06-2815:55:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.6%

JSON

HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a GetQuote operation, related to an XML External Entity (XXE) issue.

CPENameOperatorVersion
enterprise_mapseq1.00

CPE	Name	Operator	Version
	enterprise_maps	eq	1.00

References

packetstormsecurity.com/files/127239/HP-Enterprise-Maps-1.00-Authenticated-XXE-Injection.html

seclists.org/fulldisclosure/2014/Jun/127

www.securityfocus.com/bid/68200