The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2014-0814.html | Vendor Advisory |
http://www.securitytracker.com/id/1030501 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-07-11T14:00:00
Updated: 2014-07-11T13:57:00
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3485
JSON object: View
NVD Information
Status : Modified
Published: 2014-07-11T14:55:03.680
Modified: 2023-02-13T00:39:30.930
Link: CVE-2014-3485
JSON object: View
Redhat Information
No data.
CWE