CVE-2014-8162

Published: May 14, 2015Modified: May 6, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.

Affected (2)

Products: Redhat: Network Satellite · Suse: Manager

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Network Satellite	Up to 5.7

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Suse Manager	Version 1.7

References (6)

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00020.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2015-0957.html

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/74595

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00020.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2015-0957.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/74595

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.