Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cloudforms_3\.0_management_engine
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-10-27 | CVE-2014-0136 | The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors. | Cloudforms_3\.0_management_engine | N/A | ||
| 2017-10-18 | CVE-2014-7813 | Red Hat CloudForms 3 Management Engine (CFME) allows remote authenticated users to cause a denial of service (resource consumption) via vectors involving calls to the .to_sym rails function and lack of garbage collection of inserted symbols. | Cloudforms_3\.0_management_engine | 6.5 | ||
| 2014-01-23 | CVE-2013-6443 | CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request. | Cloudforms, Cloudforms_3\.0_management_engine | N/A |