CVE-2014-5392

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sos:jobscheduler:*:*:*:*:*:*:*:*
cpe:2.3:a:sos:jobscheduler:1.6.4014:*:*:*:*:*:*:*
cpe:2.3:a:sos:jobscheduler:1.6.4043:*:*:*:*:*:*:*
cpe:2.3:a:sos:jobscheduler:1.7.4177:*:*:*:*:*:*:*
cpe:2.3:a:sos:jobscheduler:1.7.4189:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-09-23 15:55

Updated : 2024-02-28 12:20


NVD link : CVE-2014-5392

Mitre link : CVE-2014-5392

CVE.ORG link : CVE-2014-5392


JSON object : View

Products Affected

sos

  • jobscheduler