NVD

Id
24061  
Name
CVE-2015-1833  
Description
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-19  
Published
2015-05-29  
Modified Date
2016-12-30  
Seq
2015-1833  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
127719 24061 CVE-2015-1833 [jackrabbit-announce] 20150521 CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability)  View
127720 24061 CVE-2015-1833 http://packetstormsecurity.com/files/132005/Jackrabbit-WebDAV-XXE-Injection.html  View
127721 24061 CVE-2015-1833 http://www.apache.org/dist/jackrabbit/2.10.1/RELEASE-NOTES.txt  View
127722 24061 CVE-2015-1833 DSA-3298  View
127723 24061 CVE-2015-1833 20150521 CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability)  View
127724 24061 CVE-2015-1833 74761  View
127725 24061 CVE-2015-1833 https://issues.apache.org/jira/browse/JCR-3883  View
127726 24061 CVE-2015-1833 37110  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
7536 JVNDB-2015-002856 Apache Jackrabbit における XML 外部エンティティの脆弱性 Apache Jackrabbit には、XML 外部エンティティ (XXE) の脆弱性が存在します。 CVE-2015-1833 79058 CVE-2015-1833 24061 6.4 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002856.html 2015-05-21 2015-06-02 View