1 results (0.002 seconds)

CVSS: 6.0EPSS: 1%CPEs: 8EXPL: 2

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks. La consola de sensores de monitorización en spacewalk-java anterior a 2.1.148-1 y Red Hat Network (RHN) Satellite 4.0.0 hasta 4.2.0 y 5.1.0 hasta 5.3.0 y Proxy 5.3.0, permite a usuarios remotos autenticados con permisos para administrar sensores de monitorización ejecutar código arbitrario a través de vectores no especificados, relacionado con backticks. • http://secunia.com/advisories/56952 https://bugzilla.redhat.com/attachment.cgi?id=819987&action=diff https://bugzilla.redhat.com/show_bug.cgi?id=607712 https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=18c70164285cae0660fa3ac55c6656bb19b3b13f https://git.fedorahosted.org/cgit/spacewalk.git/commit/?id=c41c87a9dc9dac771eb761dd63ada05b2f9104f9 https://www.suse.com/support/update/announcement/2014/suse-su-20140222-1.html • CWE-20: Improper Input Validation •