In WS-Inc J WBEM Server 4.7.4 prior to 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows context-dependent malicious users to read arbitrary files or cause a denial of service, a similar issue to CVE-2013-4152.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ws-inc j wbem |