{ "threat_severity" : "Important", "public_date" : "2014-05-05T00:00:00Z", "bugzilla" : { "description" : "check-mk: multiple flaws fixed in versions 1.2.4p4 and 1.2.5i4", "id" : "1132337", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1132337" }, "cvss" : { "cvss_base_score" : "7.5", "cvss_scoring_vector" : "AV:N/AC:L/Au:N/C:P/I:P/A:P", "status" : "verified" }, "details" : [ "Multiple cross-site scripting (XSS) vulnerabilities in the multisite component in Check_MK before 1.2.4p4 and 1.2.5 before 1.2.5i4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors to the (1) render_status_icons function in htmllib.py or (2) ajax_action function in actions.py." ], "affected_release" : [ { "product_name" : "Native Client for RHEL 5 for Red Hat Storage", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:2:client:el5", "package" : "glusterfs-0:3.7.1-11.el5" }, { "product_name" : "Native Client for RHEL 6 for Red Hat Storage", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3:client:el6", "package" : "glusterfs-0:3.7.1-11.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "augeas-0:1.0.0-10.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "check-mk-0:1.2.6p1-3.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "clufter-0:0.11.2-1.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "cluster-0:3.0.12.1-73.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "clustermon-0:0.16.2-31.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "corosync-0:1.4.7-2.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "ctdb2.5-0:2.5.5-7.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "fence-virt-0:0.2.3-19.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "glusterfs-0:3.7.1-11.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "gluster-nagios-addons-0:0.2.4-4.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "gluster-nagios-common-0:0.2.0-1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "gstatus-0:0.64-3.1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "libqb-0:0.17.1-1.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "libtalloc-0:2.1.1-4.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "libvirt-0:0.10.2-54.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "nagios-plugins-0:1.4.16-12.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "nagios-server-addons-0:0.2.1-4.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "nfs-ganesha-0:2.2.0-5.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "nrpe-0:2.15-4.1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "openais-0:1.1.1-7.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "openstack-swift-0:1.13.1-4.el6ost" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "pacemaker-0:1.1.12-8.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "pcs-0:0.9.139-9.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "pnp4nagios-0:0.6.22-2.1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "pynag-0:0.9.1-1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-blivet-1:1.0.0.2-1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-cpopen-0:1.3-4.el6_5" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-eventlet-0:0.14.0-1.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-greenlet-0:0.4.2-1.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-keystoneclient-1:0.9.0-5.el6ost" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-prettytable-0:0.7.2-1.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "python-pyudev-0:0.15-2.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "redhat-storage-logos-0:60.0.20-1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "redhat-storage-server-0:3.1.0.3-1.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "resource-agents-0:3.9.5-24.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "ricci-0:0.16.2-81.el6" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "userspace-rcu-0:0.7.9-2.el6rhs" }, { "product_name" : "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date" : "2015-07-29T00:00:00Z", "advisory" : "RHSA-2015:1495", "cpe" : "cpe:/a:redhat:storage:3.1:nfs:el6", "package" : "vdsm-0:4.16.20-1.2.el6rhs" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-5338\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-5338" ], "name" : "CVE-2014-5338", "csaw" : false }