XML External Entity Vulnerability in Apache Jackrabbit Products
CVE-2015-1833

Currently unrated

Key Information:

Vendor

Apache
Status
Jackrabbit
Vendor
CVE Published:
29 May 2015

What is CVE-2015-1833?

The XML External Entity (XXE) vulnerability in Apache Jackrabbit versions prior to 2.0.6, 2.2.14, 2.4.6, 2.6.6, 2.8.1, and 2.10.1 allows remote attackers to exploit crafted WebDAV requests. This could lead to unauthorized access to sensitive files on the server and potentially allow attackers to make requests to internal services, resulting in information leakage and a potential breach of internal network security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.debian.org/security/2015/dsa-3298
vendor-advisoryx_refsource_DEBIAN
http://www.securityfocus.com/bid/74761
vdb-entryx_refsource_BID
https://www.exploit-db.com/exploits/37110/
exploitx_refsource_EXPLOIT-DB

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.