Описание
The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:opendaylight:opendaylight:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00777
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
EPSS
Процентиль: 73%
0.00777
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other