Vulnerabilities > CVE-2014-0171

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

redhat

odata4j-project

NVD

Published: 2015-01-15

Updated: 2024-11-21

Summary

XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Jboss Data Virtualization 5.0.0 Redhat Jboss Data Virtualization 6.0.0	4
Application	Odata4J_Project Odata4J Project Odata4J -	1

Redhat

advisories

rhsa

id	RHSA-2015:0034

References

http://rhn.redhat.com/errata/RHSA-2015-0034.html
http://rhn.redhat.com/errata/RHSA-2015-0034.html
https://issues.jboss.org/browse/TEIID-2911
https://issues.jboss.org/browse/TEIID-2911

Vulnerabilities > CVE-2014-0171 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2014-0171"}]}

Summary

Vulnerable Configurations

Redhat

References

Vulnerabilities > CVE-2014-0171