XML External Entity (XXE) vulnerability in SabreDAV before 1.7.11 allows remote attackers to read arbitrary files, cause denial of service, or possibly have other impact

XML External Entity (XXE) vulnerability in SabreDAV before 1.7.11 allows remote attackers to read arbitrary files, cause denial of service, or possibly have other impact

CVE-2014-2055 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SabreDAV before 1.7.11, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.

Learn more about our Cis Benchmark Audit For Server Software.