Skip to main content

Jobscheduler CVE-2014-5392

MEDIUM
2014-09-23 cve@mitre.org
5.8
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:P/I:N/A:P
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Sep 23, 2014 - 15:55 cve.org
MEDIUM 5.8

DescriptionCVE.org

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference.

AnalysisAI

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Technical ContextAI

XML External Entity (XXE) vulnerability in JobScheduler before 1.6.4246 and 7.x before 1.7.4241 allows remote attackers to cause a denial of service and read arbitrary files or directories via a request containing an XML external entity declaration in conjunction with an entity reference. Affected products include: Sos Jobscheduler. Version information: before 1.6.4246.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2014-5392 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy