Vulnerabilities > CVE-2015-2346 - Unspecified vulnerability in Huawei SEQ Analyst
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter. <a href="http://cwe.mitre.org/data/definitions/611.html">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/131459/huaweiseqanalyst-xxe.txt |
id | PACKETSTORM:131459 |
last seen | 2016-12-05 |
published | 2015-04-16 |
reporter | Ugur Cihan KOC |
source | https://packetstormsecurity.com/files/131459/Huawei-SEQ-Analyst-XXE-Injection.html |
title | Huawei SEQ Analyst XXE Injection |