1. CVE-Search
  2. CVE-2014-8162
ID CVE-2014-8162
Summary XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:network_satellite:-:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:-:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.6:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:network_satellite:5.7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:network_satellite:5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:suse:manager:1.7:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 13-02-2023 - 00:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2015:0957
rpms
  • spacewalk-java-0:2.3.8-103.el6sat
  • spacewalk-java-config-0:2.3.8-103.el6sat
  • spacewalk-java-lib-0:2.3.8-103.el6sat
  • spacewalk-java-oracle-0:2.3.8-103.el6sat
  • spacewalk-java-postgresql-0:2.3.8-103.el6sat
  • spacewalk-setup-0:2.3.0-17.el6sat
  • spacewalk-taskomatic-0:2.3.8-103.el6sat
refmap via4
bid 74595
suse SUSE-SU-2015:0928
Last major update 13-02-2023 - 00:44
Published 14-05-2015 - 14:59
Last modified 13-02-2023 - 00:44
Back to Top