2 matches found
CVE-2014-7814
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine CFME 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter...
CVE-2014-7814
CVE-2014-7814 is a SQL injection vulnerability affecting Red Hat CloudForms Management Engine (CFME) 3.1/5.3 (CFME) where an authenticated user can send crafted REST API requests to an SQL filter to execute arbitrary SQL on the CFME database. The issue arises from REST API exposure of SQL filters...