OpenDaylight 1.0 Netconf Service XML External Entity (XXE) Vulnerability
CVE-2014-5035 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue.
Learn more about our External Network Penetration Testing.