XML External Entity Vulnerability in Huawei SEQ Analyst
CVE-2015-2346

Currently unrated

Key Information:

Vendor: Huawei
Status: Seq Analyst
Vendor: CVE Published:; 18 May 2015

What is CVE-2015-2346?

The vulnerability in Huawei SEQ Analyst enables remote authenticated users to exploit XML External Entity (XXE) injection, which allows unauthorized access to arbitrary files on the server through manipulation of the req parameter. This exposure can lead to significant security risks, including disclosure of sensitive configuration files or user data. It is important for users of the affected versions to apply the necessary patches to mitigate this threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://seclists.org/fulldisclosure/2015/Apr/42

mailing-listx_refsource_FULLDISC

http://packetstormsecurity.com/files/131459/Huawei-SEQ-An...

x_refsource_MISC

Timeline

Vulnerability published
May 18, 2015
Vulnerability Reserved
Mar 18, 2015

JSON

Huawei

What is CVE-2015-2346?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.