Lucene search
HistorySep 22, 2014 - 3:55 p.m.
CVE-2014-3595
cve
2014
3595
xss
vulnerability
spacewalk-java
spacewalk
red hat network
rhn
satellite
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.6%
Cross-site scripting (XSS) vulnerability in spacewalk-java 1.2.39, 1.7.54, and 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.4 through 5.6 allows remote attackers to inject arbitrary web script or HTML via a crafted request that is not properly handled when logging.
Affected configurations
Node
redhatsatelliteMatch5.4
ORredhatsatelliteMatch5.5
ORredhatsatelliteMatch5.6
ORredhatsatellite_with_embedded_oracleMatch5.4
ORredhatsatellite_with_embedded_oracleMatch5.5
ORredhatspacewalk-javaMatch1.2.39
ORredhatspacewalk-javaMatch1.7.54
ORredhatspacewalk-javaMatch2.0.2
Node
susemanagerMatch1.7
susesuse_linux_enterprise_serverMatch11sp2
Node
susemanager_serverMatch-
Related
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 09:01:03
cvelist
cvelist
CVE-2014-3595
2014-09-22 15:00:00
suse
suse
Security update for spacewalk-java (important)
2014-09-25 19:04:16
Security update for spacewalk-java (important)
2014-10-31 18:05:11
nvd
nvd
CVE-2014-3595
2014-09-22 15:55:07
prion
prion
Cross site scripting
2014-09-22 15:55:00
redhat
redhat
(RHSA-2014:1184) Important: spacewalk-java security update
2014-09-11 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.7 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.6%
Related for CVE-2014-3595