Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3485

Опубликовано: 11 июл. 2014
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:redhat:enterprise_virtualization:3.4:*:*:*:*:*:*:*

EPSS

Процентиль: 50%
0.00267
Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

redhat логотип

CVE-2014-3485

redhat
больше 11 лет назад

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

github логотип

GHSA-6g69-jrpm-4wp2

github
больше 3 лет назад

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

EPSS

Процентиль: 50%
0.00267
Низкий

4 Medium

CVSS2

Дефекты

CWE-200