XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors.
References
Configurations
History
13 Feb 2023, 00:44
Type | Values Removed | Values Added |
---|---|---|
Summary | XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified impact via unknown vectors. | |
References |
|
02 Feb 2023, 20:19
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that the RPC interface in Satellite would resolve external entities, allowing an attacker to conduct XML External Entity (XXE) attacks. A remote attacker could use this flaw to read files accessible to the user running the Satellite server, and potentially perform other more advanced XXE attacks. | |
References |
|
Information
Published : 2015-05-14 14:59
Updated : 2023-12-10 11:46
NVD link : CVE-2014-8162
Mitre link : CVE-2014-8162
CVE.ORG link : CVE-2014-8162
JSON object : View
Products Affected
suse
- manager
redhat
- network_satellite
CWE