CVE-2013-1140

Cisco Security Monitoring, Analysis, and Response System - XML External Entity Injection via XML Parser

Title source: llm
STIX 2.1

Description

The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCue55093.

References (1)

Core 1
Core References

Scores

EPSS 0.0116
EPSS Percentile 63.4%

Details

CWE
CWE-200
Status published
Products (1)
cisco/security_monitoring_analysis_and_response_system
Published Mar 06, 2013
Tracked Since Feb 18, 2026