CVE-2015-0758 Information

Description

The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference related to an XML External Entity (XXE) issue aka Bug ID CSCus97452.

Reference

http://tools.cisco.com/security/center/viewAlert.x?alertId=39130 http://www.securitytracker.com/id/1032448