Unrated severityNVD Advisory· Published Feb 24, 2022· Updated Apr 17, 2025
IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611
CVE-2020-14478
Description
A local, authenticated attacker could use an XML External Entity (XXE) attack to exploit weakly configured XML files to access local or remote content. A successful exploit could potentially cause a denial-of-service condition and allow the attacker to arbitrarily read any local file via system-level services.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: unspecified
Patches
Vulnerability mechanics
References
1- www.cisa.gov/uscert/ics/advisories/icsa-20-177-02mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.