Lucene search
Veracode Vulnerability DatabaseVERACODE:11680HistoryJan 15, 2019 - 9:06 a.m.
XML External Entity (XXE)
2019-01-1509:06:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
0.007 Low
EPSS
Percentile
80.6%
spacewalk-java is vulnerable to XML External Entity (XXE) attacks. The vulnerability exists as the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
References
lists.opensuse.org/opensuse-security-announce/2015-05/msg00020.html
rhn.redhat.com/errata/RHSA-2015-0957.html
www.securityfocus.com/bid/74595
access.redhat.com/errata/RHSA-2015:0957
access.redhat.com/security/cve/CVE-2014-8162
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1187339
rhn.redhat.com/errata/RHSA-2015-0957.html
Related
prion
prion
Xxe
2015-05-14 14:59:00
cve
cve
CVE-2014-8162
2015-05-14 14:59:05
cvelist
cvelist
CVE-2014-8162
2015-05-14 14:00:00
nessus
nessus
RHEL 6 : Satellite Server (RHSA-2015:0957)
2015-05-12 00:00:00
redhat
redhat
(RHSA-2015:0957) Moderate: spacewalk-java security update
2015-05-11 00:00:00
nvd
nvd
CVE-2014-8162
2015-05-14 14:59:05
suse
suse
Security update for SUSE Manager Server 1.7 (important)
2015-05-22 00:05:32