// For flags

CVE-2014-1868

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

Restlet Framework 2.1.x anterior a 2.1.7 y 2.x.x anterior a 2.2 RC1, cuando utiliza los serializadores XMLRepresentation o XML, permite a atacantes causar una denegación de servicio a través de un ataque de la expansión de la entidad XML (XEE).

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-02-05 CVE Reserved
  • 2014-10-06 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 <= 2.2
Search vendor "Restlet" for product "Restlet Framework" and version " <= 2.2"
milestone6
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.0
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.0"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.1
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.1"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.2"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.3
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.3"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.4
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.4"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.5
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.5"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.1.6
Search vendor "Restlet" for product "Restlet Framework" and version "2.1.6"
-
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.2"
milestone1
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.2"
milestone2
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.2"
milestone3
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.2"
milestone4
Affected
Restlet
Search vendor "Restlet"
 Restlet Framework
Search vendor "Restlet" for product "Restlet Framework"
 2.2
Search vendor "Restlet" for product "Restlet Framework" and version "2.2"
milestone5
Affected