Unrated severityNVD Advisory· Published Apr 17, 2014· Updated Jun 17, 2026
CVE-2014-0644
CVE-2014-0644
Description
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by reading the /etc/shadow file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:-:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:-:*:*:*:*:*:*
- cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:sp1:*:*:*:*:*:*
- cpe:2.3:h:emc:cloud_tiering_appliance:-:*:*:*:*:*:*:*
- (no CPE)range: 10 through SP1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.