Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2014-0137
- EPSS 0.39%
- Published 14.05.2014 19:55:10
- Last modified 12.04.2025 10:46:40
SQL injection vulnerability in the saved_report_delete action in the ReportController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related t...
7.5
CVE-2014-0057
- EPSS 0.7%
- Published 18.03.2014 17:02:52
- Last modified 12.04.2025 10:46:40
The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors.
6.8
CVE-2013-6443
- EPSS 0.1%
- Published 23.01.2014 01:55:03
- Last modified 11.04.2025 00:51:21
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.