2 matches found
CVE-2016-6805
Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents...
CVE-2016-6805
Summary : CVE-2016-6805 affects Apache Ignite before 1.9. The issue arises from an XML External Entity (XXE) vulnerability in the update-notifier documents, allowing a man-in-the-middle to read arbitrary files. The description in connected sources consistently cites the XXE flaw as the root cause...