VYPR
Unrated severityNVD Advisory· Published Apr 17, 2014· Updated Jun 17, 2026

CVE-2014-0644

CVE-2014-0644

Description

EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, as demonstrated by reading the /etc/shadow file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:-:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:-:*:*:*:*:*:*
    • cpe:2.3:a:emc:cloud_tiering_appliance_software:10.0:sp1:*:*:*:*:*:*
    • cpe:2.3:h:emc:cloud_tiering_appliance:-:*:*:*:*:*:*:*
    • (no CPE)range: 10 through SP1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.