Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2014-7814
- EPSS 0.31%
- Published 16.01.2015 16:59:07
- Last modified 12.04.2025 10:46:40
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter.
- EPSS 1.71%
- Published 16.01.2015 16:59:01
- Last modified 12.04.2025 10:46:40
The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privileges.
1