CVE-2014-5035

The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
Configurations

Configuration 1 (hide)

cpe:2.3:a:opendaylight:opendaylight:1.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-08-26 14:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-5035

Mitre link : CVE-2014-5035

CVE.ORG link : CVE-2014-5035


JSON object : View

Products Affected

opendaylight

  • opendaylight