Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3485

Опубликовано: 30 июн. 2014
Источник: redhat
CVSS2: 4

Описание

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-611
https://bugzilla.redhat.com/show_bug.cgi?id=1107472ovirt-engine-api: XML eXternal Entity (XXE) flaw

4 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2014-3485

nvd
больше 11 лет назад

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

github логотип

GHSA-6g69-jrpm-4wp2

github
больше 3 лет назад

The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

4 Medium

CVSS2