The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-07-11T14:00:00

Updated: 2024-08-06T10:43:06.139Z

Reserved: 2014-05-14T00:00:00

Link: CVE-2014-3485

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-07-11T14:55:03.680

Modified: 2023-02-13T00:39:30.930

Link: CVE-2014-3485

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-06-30T00:00:00Z

Links: CVE-2014-3485 - Bugzilla