CVE-2014-3593
luci 0.26.0 - Authenticated Remote Code Execution via Cluster Configuration
Title source: llmDescription
Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration.
References (2)
Core 2
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=989005
Vendor Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-1390.html
Scores
EPSS
0.0136
EPSS Percentile
68.3%
Details
CWE
CWE-94
Status
published
Products (1)
scientificlinux/luci
0.26.0
Published
Oct 15, 2014
Tracked Since
Feb 18, 2026