XML External Entity Vulnerability in HP Enterprise Maps 1.00
CVE-2014-4669

Currently unrated

Key Information:

Vendor

HP
Status
Enterprise Maps
Vendor
CVE Published:
28 June 2014

What is CVE-2014-4669?

HP Enterprise Maps version 1.00 is vulnerable to an XML External Entity (XXE) issue that allows remote authenticated users to access arbitrary files. This vulnerability arises during the GetQuote operation where a WSDL document can include an XML external entity declaration. Exploitation of this flaw could lead to the exposure of sensitive information stored on the server, making it crucial for affected users to take immediate action to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/68200
vdb-entryx_refsource_BID
http://seclists.org/fulldisclosure/2014/Jun/127
mailing-listx_refsource_FULLDISC
http://packetstormsecurity.com/files/127239/HP-Enterprise...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.