RHEL 7 : Virtualization (RHSA-2018:2317)
High Nessus Plugin ID 111514
SynopsisThe remote Red Hat host is missing one or more security updates.
DescriptionAn update for xmlrpc is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
XML-RPC is a way to make remote procedure calls over the Internet. It converts procedure calls into XML documents, sends them to a remote server using the HTTP protocol, and gets back the response as XML.
The following packages have been upgraded to a later upstream version:
xmlrpc (3.1.3). (BZ#1594618)
Security Fix(es) :
* xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
SolutionUpdate the affected packages.