Vulnerabilities > CVE-2014-6303 - Resource Management Errors vulnerability in Pnmsoft Sequence Kinetics 7.5

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
pnmsoft
CWE-399

Summary

The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Vulnerable Configurations

Part Description Count
Application
Pnmsoft
1

Common Weakness Enumeration (CWE)