Описание
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.
It was found that an XMLRPC interface exposed by Satellite could allow an attacker to write arbitrary files and directories under the /var/satellite directory on the Satellite server.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 5 | Security | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-22
https://bugzilla.redhat.com/show_bug.cgi?id=1187340Satellite5: upload_crash_file and upload_result directory traversal
EPSS
Процентиль: 71%
0.00684
Низкий
4.9 Medium
CVSS2
Связанные уязвимости
CVSS3: 6.5
nvd
больше 8 лет назад
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.
CVSS3: 6.5
github
больше 3 лет назад
Directory traversal vulnerability in the XMLRPC interface in Red Hat Satellite 5.
EPSS
Процентиль: 71%
0.00684
Низкий
4.9 Medium
CVSS2