Critical severity9.8NVD Advisory· Published Feb 1, 2018· Updated Jun 17, 2026
CVE-2014-3005
CVE-2014-3005
Description
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
7- support.zabbix.com/browse/ZBX-8151nvdExploitPatchVendor Advisory
- web.archive.org/web/20140622034155/http://www.pnigos.com:80/nvdExploitThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2014-June/134885.htmlnvdThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2014-June/134909.htmlnvdThird Party Advisory
- seclists.org/fulldisclosure/2014/Jun/87nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/68075nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.