CVE Vulnerabilities

CVE-2015-4538

Published: Sep 04, 2015 | Modified: Dec 22, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:S/C:C/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 allows remote authenticated users to read arbitrary files or cause a denial of service (CPU and memory consumption) via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected Software

Name Vendor Start Version End Version
Atmos Emc 2.2.3 (including) 2.2.3 (including)
Atmos Emc 2.3.0 (including) 2.3.0 (including)

References