XML External Entity Vulnerability in IBM Tivoli Endpoint Manager
CVE-2014-3066

Currently unrated

Key Information:

Vendor

IBM
Status
Tivoli Endpoint Manager
Vendor
CVE Published:
2 July 2014

What is CVE-2014-3066?

IBM Tivoli Endpoint Manager versions prior to 9.1.1088.0 are susceptible to an XML External Entity (XXE) vulnerability that permits remote attackers to read sensitive files on the server. This flaw occurs when XML data incorporates an external entity declaration leading to unauthorized file access, posing serious risks to data security and potentially exposing confidential information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/58672
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/58906
third-party-advisoryx_refsource_SECUNIA
http://www-01.ibm.com/support/docview.wss?uid=swg21673967
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.