CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

NVD•added 2014/10/27 1:55 a.m.•8 views

CVE-2014-0136

The 1 get and 2 log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine CFME 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors...

5CVSS6.8AI score0.00243EPSS

Exploits0References2

Prion•added 2014/10/27 1:55 a.m.•15 views

Code injection

The 1 get and 2 log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine CFME 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors...

5CVSS7.2AI score0.00243EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/10/27 1:0 a.m.•11 views

CVE-2014-0136

The 1 get and 2 log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine CFME 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors...

6.8AI score0.00243EPSS

Exploits0References2

Positive Technologies•added 2014/10/27 12:0 a.m.•4 views

PT-2014-3494 · Red Hat · Red Hat Cloudforms

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms 3.0 Management Engine CFME version 5.x Description: The issue concerns the AgentController in Red Hat CloudForms 3.0 Management Engine CFME, where the get and log methods allow remote attackers to insert arbitrary text into...

5CVSS6.7AI score0.00243EPSS

Exploits0References3

RedHat Linux•added 2014/08/13 6:18 p.m.•3 views

CFME: AgentController get/log application log forging

It was found that the get and log methods of the AgentController wrote log messages without sanitizing user input. A remote attacker could use this flaw to insert arbitrary content into the log files written to by AgentController...

5CVSS5.9AI score0.00243EPSS

Exploits0References4

RedHat Linux•added 2014/08/13 6:18 p.m.•23 views

Moderate: Red Hat Security Advisory: cfme security and bug fix update

Updated cfme packages that fix one security issue and several bugs are now available for Red Hat CloudForms 3.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5CVSS6AI score0.00243EPSS

Exploits0References4

Check Point Advisories•added 2014/05/14 12:0 a.m.•3 views

Red Hat CloudForms AgentController Directory Traversal (CVE-2013-2068)

A directory traversal vulnerability has been reported in Red Hat CloudForms. This vulnerability is due to improper sanitization of of the "filename" GET parameter passed to the "linuxpkgs" method of the AgentController. A remote unauthenticated attacker can exploit this vulnerability by sending...

9.4CVSS6.5AI score0.78463EPSS

Exploits4

Prion•added 2013/09/28 7:55 p.m.•15 views

Directory traversal

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. dot dot in the filename parameter to the 1 log, 2 upload, or 3 linuxpkgs method...

9.4CVSS7.4AI score0.78463EPSS

Exploits4References3Affected Software1

Positive Technologies•added 2013/09/11 12:0 a.m.•1 views

PT-2013-5212 · Hewlett Packard · Hp Procurve Manager +2

Name of the Vulnerable Software and Affected Versions: HP ProCurve Manager versions 3.20 through 4.0 HP PCM+ versions 3.20 through 4.0 Identity Driven Manager version 4.0 Description: The issue allows remote attackers to execute arbitrary commands via a HEAD request. This is related to the Agent...

10CVSS8AI score0.06402EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by