CVE-2014-2935
NONE EPSS 90.1%
Published May 8, 201412y ago · Modified Jun 17, 20262w ago
Published May 8, 2014 12y ago
Last Modified Jun 17, 2026 2w ago
Description
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
Threat Intelligence
EPSS Exploit Probability
90.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-78 OS Command Injection Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| caldera | caldera | 9.20 | any |
References 2
- kb.cert.org http://www.kb.cert.org/vuls/id/693092
- securityfocus.com http://www.securityfocus.com/bid/67252
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.