Security Advisory

CVE-2014-6261

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-12-15 17:27:00

Last updated 2024-08-06 12:10:13

Assigner mitre

State PUBLISHED

Description

Zenoss Core through 5 Beta 3 does not properly implement the Check For Updates feature, which allows remote attackers to execute arbitrary code by (1) spoofing the callhome server or (2) deploying a crafted web site that is visited during a login session, aka ZEN-12657.

← Browse all CVEs View on cve.org ↗