low

AWS Java SDK XXE injection

Published Tue, Oct 10th, 2017
Platforms

Summary

The AWS Java SDK was vulnerable to XML external entity (XXE) injection related to XML parsers.

Affected Services

Java SDK

Remediation

None required

Tracked CVEs

No tracked CVEs

References

Disclosure Date
-
Exploitablity Period
-
Known ITW Exploitation
-
Detection Methods
-
Piercing Index Rating
-
Discovered by
Alex Brasetvik