CVE-2015-5164

The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.
References
Link Resource
https://pulp.plan.io/issues/23 Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1247732 Issue Tracking Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:pulpproject:qpid:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:satellite:6.0:*:*:*:*:*:*:*

Information

Published : 2017-10-18 09:29

Updated : 2017-11-08 07:53


NVD link : CVE-2015-5164

Mitre link : CVE-2015-5164


JSON object : View

CWE
CWE-502

Deserialization of Untrusted Data

Advertisement

dedicated server usa

Products Affected

pulpproject

  • qpid

redhat

  • satellite