CVE-2014-6303

Severity CVSS v4.0:
Pending analysis
Type:
CWE-399 Resource Management Errors
Publication date:
19/02/2015
Last modified:
12/04/2025

Description

The Monitoring Administration pages in PNMsoft Sequence Kinetics before 7.7 do not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:pnmsoft:sequence_kinetics:*:*:*:*:*:*:*:* 7.5 (including)