CVE Daily

CVE-2014-9360

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12...

Medium CVSS 6.4

Overview

XML external entity (XXE) vulnerability in Scalix Web Access 11.4.6.12377 and 12.2.0.14697 allows remote attackers to read arbitrary files and trigger requests to intranet servers via a crafted request.

CWE: N/A Published: 2014-12-10T15:59:23.597
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.4 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags