CVE-2014-8162

Name of the Vulnerable Software and Affected Versions Red Hat Network Satellite versions 5.7 and earlier Spacewalk versions 5.7 and earlier

Description The issue is related to an XML external entity (XXE) in the RPC interface. This allows remote attackers to read arbitrary files and possibly have other unspecified impact.

Recommendations For Red Hat Network Satellite versions 5.7 and earlier, update to a version later than 5.7. For Spacewalk versions 5.7 and earlier, update to a version later than 5.7. As a temporary workaround, consider restricting access to the RPC interface until a patch is available.