Lucene search
HistoryJan 15, 2015 - 3:59 p.m.
CVE-2014-7812
cve-2014-7812
xss
vulnerability
spacewalk
red hat network
rhn satellite
5.7.0
remote authenticated
web script
html
system groups
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%
Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field.
Affected configurations
Node
redhatsatelliteMatch5.6
ORredhatspacewalkMatch-
Node
susemanagerMatch1.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:satellite | redhat satellite | eq | 5.6 |
| redhat:spacewalk | redhat spacewalk | eq | - |
Related
nvd
nvd
CVE-2014-7812
2015-01-15 15:59:02
veracode
veracode
Cross-site Scripting (XSS)
2019-05-02 05:07:04
cvelist
cvelist
CVE-2014-7812
2015-01-15 15:00:00
prion
prion
Cross site scripting
2015-01-15 15:59:00
redhat
redhat
(RHSA-2015:0033) Moderate: Red Hat Satellite 5.7.0 General Availability
2015-01-12 16:57:43
nessus
nessus
RHEL 6 : Satellite Server (RHSA-2015:0033)
2015-01-14 00:00:00
suse
suse
Security update for SUSE Manager Server 1.7 (important)
2015-05-22 00:05:32
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%
Related for CVE-2014-7812