Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2014-3481 - Vulnerability Database
Jboss EAP

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2014-3481

Medium
Reference: CVE-2014-3481
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2014-3481
Title: Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion which allows remote attackers to read arbitrary files via unspecified vectors related to an XML External Entity (XXE) issue.