4 matches found
CVE-2015-0581
The XML parser in Cisco Prime Service Catalog before 10.1 allows remote authenticated users to read arbitrary files or cause a denial of service CPU and memory consumption via an external entity declaration in conjunction with an entity reference, as demonstrated by reading private keys, related ...
Xxe
The XML parser in Cisco Prime Service Catalog before 10.1 allows remote authenticated users to read arbitrary files or cause a denial of service CPU and memory consumption via an external entity declaration in conjunction with an entity reference, as demonstrated by reading private keys, related ...
CVE-2015-0581
The XML parser in Cisco Prime Service Catalog before 10.1 allows remote authenticated users to read arbitrary files or cause a denial of service CPU and memory consumption via an external entity declaration in conjunction with an entity reference, as demonstrated by reading private keys, related ...
CVE-2015-0581
The CVE-2015-0581 issue affects Cisco Prime Service Catalog prior to 10.1, where the XML parser is vulnerable to an XML External Entity (XXE) attack. Remote authenticated users can read arbitrary files or trigger a denial of service (CPU/memory consumption) by crafting an external entity declarat...