Xxe

2015-05-3014:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.9%

JSON

The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCus97452.

CPENameOperatorVersion
unified_meetingplaceeq8.61.9

CPE	Name	Operator	Version
	unified_meetingplace	eq	8.61.9

References

tools.cisco.com/security/center/viewAlert.x?alertId=39130

www.securitytracker.com/id/1032448