Lucene search
K
RedhatEdeploy

5 matches found

CVE
CVE
added 2019/12/15 9:19 p.m.89 views

CVE-2014-3699

CVE-2014-3699 affects the Linux configuration/update tool eDeploy . The vulnerability is a deserialization flaw: untrusted data deserialized via Python’s cPickle , leading to remote code execution. Public references in the documents consistently describe an RCE impact without detailing specific e...

9.8CVSS9.4AI score0.0237EPSS
CVE
CVE
added 2019/12/15 9:21 p.m.86 views

CVE-2014-3701

CVE-2014-3701 describes a tmp file race condition in eDeploy. NVD lists CVSSv3.1 8.1 (Network, High, UI=None, Privileges=None, Scope=Unchanged) with high impact to confidentiality, integrity, and availability; CVSSv2 9.3 (Network, High) also indicates complete impact. Connected entries reiterate ...

9.3CVSS8.1AI score0.015EPSS
CVE
CVE
added 2017/10/16 3:0 p.m.46 views

CVE-2014-3702

CVE-2014-3702 describes a directory-traversal vulnerability in Red Hat eNovance eDeploy. A remote attacker can exploit the vulnerability by manipulating the session parameter with dots (..) to create arbitrary directories and files, causing a denial of service through resource consumption. The co...

9.1CVSS8.8AI score0.0194EPSS
CVE
CVE
added 2019/11/21 2:31 p.m.45 views

CVE-2014-3700

CVE-2014-3700 relates to the eDeploy component, where remote code execution is possible due to the use of eval() on untrusted data. The available records describe this as a high/severity issue with RCE risk (NVD CVSS v2: 7.5 Partial Integrity/Partial Availability; v3.1: 9.8 Critical), indicating ...

9.8CVSS9.7AI score0.0284EPSS
CVE
CVE
added 2017/09/19 3:0 p.m.38 views

CVE-2014-8174

CVE-2014-8174 relates to Red Hat eDeploy where an attacker can achieve remote code execution by abusing eDeploy’s handling of HTTP downloads. The linked sources explicitly describe eDeploy as a tool that facilitates remote code execution when files are downloaded over HTTP, enabling an attacker t...

9.8CVSS9.7AI score0.03011EPSS