XML Internal Entity Vulnerability in Spacewalk by Red Hat
CVE-2020-1693

8.6HIGH

Key Information:

Vendor
Red Hat
Status
Spacewalk
Vendor
CVE Published:
17 February 2020

Summary

A vulnerability exists in Spacewalk versions prior to 2.9, where the application is susceptible to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker can exploit this flaw to extract sensitive information from certain files and may also trigger a denial of service. In some scenarios, this vulnerability could lead to the execution of arbitrary code on the Spacewalk server, compromising the integrity and security of the system.

Affected Version(s)

spacewalk All spacewalk versions up 2.9

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693
x_refsource_CONFIRM
https://github.com/spacewalkproject/spacewalk/commit/74e2...
x_refsource_MISC
https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exp...
x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.