Lucene search
HistoryJan 15, 2015 - 3:59 p.m.
CVE-2014-7811
cve-2014-7811
cross-site scripting
xss
spacewalk
red hat network
rhn satellite
rest api
security vulnerability
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API.
Affected configurations
Node
redhatnetwork_satelliteRange≤5.6
ORredhatspacewalkMatch-
Node
susemanagerMatch1.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:network_satellite | redhat network satellite | le | 5.6 |
| redhat:spacewalk | redhat spacewalk | eq | - |
Related
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 09:04:03
Cross-site Scripting (XSS)
2019-01-15 09:11:03
cvelist
cvelist
CVE-2014-7811
2015-01-15 15:00:00
CVE-2015-0284
2016-04-14 14:00:00
prion
prion
Cross site scripting
2015-01-15 15:59:00
Cross site scripting
2016-04-14 14:59:00
nvd
nvd
CVE-2014-7811
2015-01-15 15:59:01
CVE-2015-0284
2016-04-14 14:59:00
redhat
redhat
(RHSA-2015:0033) Moderate: Red Hat Satellite 5.7.0 General Availability
2015-01-12 16:57:43
nessus
nessus
RHEL 6 : Satellite Server (RHSA-2015:0033)
2015-01-14 00:00:00
cve
cve
CVE-2015-0284
2016-04-14 14:59:00
suse
suse
Security update for SUSE Manager Server 1.7 (important)
2015-05-22 00:05:32
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.9%
Related for CVE-2014-7811