Back to search
CVE-2014-3573
Published: Oct 18, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The oVirt Engine backend module, as used in Red Hat Enterprise Virtualization Manager before 3.4.2, uses an "insecure DocumentBuilderFactory," which allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML/RSDL document, related to an XML External Entity (XXE) issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1030807
vdb-entry
x_refsource_SECTRACK
RHSA-2014:1161
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now