This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Sybase install is affected by an arbitrary file disclosure
The remote Sybase EAServer install is affected by an arbitrary file
disclosure vulnerability. It is possible to view any file on the system
by utilizing XML external entity injection in specially crafted XML data
sent to the REST service on the remote host.
Note that hosts that are affected by this vulnerability are potentially
affected by other vulnerabilities that Nessus has not tested for.
See also :
Apply the appropriate patch per the vendor's advisory.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.1
Public Exploit Available : true