CVE-2014-8174

CWE-200Information Exposure6 documents5 sources
Severity
9.8CRITICAL
EPSS
2.8%
top 13.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Edeploy
Timeline
PublishedSep 19
Latest updateMay 17

Description

eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

NVDredhat/edeploy1.11.0

🔴Vulnerability Details

2
GHSA
GHSA-pcpj-m2cg-49x4: eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files2022-05-17
CVEList
CVE-2014-8174: eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP to download files2017-09-19

🕵️Threat Intelligence

1
Securelist
Delving deep into VBScript2018-07-03

💬Community

1
Bugzilla
CVE-2014-8174 eDeploy enovance: use of HTTP to download sensitive files2015-03-17