CVE-2014-3066

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Endpoint Manager
Vendor: CVE Published:; 2 July 2014

Summary

IBM Tivoli Endpoint Manager 9.1 before 9.1.1088.0 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

References

http://secunia.com/advisories/58672

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/58906

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21673967

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 2, 2014
Vulnerability Reserved
Apr 29, 2014