CVE-2014-8474

Name of the Vulnerable Software and Affected Versions CA Cloud Service Management (CSM) versions prior to Summer 2014

Description The issue allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Recommendations For CA Cloud Service Management (CSM) versions prior to Summer 2014, update to a version released after Summer 2014 to resolve the issue.