Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatCloudforms Management Engine5.8

3 matches found

CVE
CVEadded 2018/07/24 1:29 p.m.86 views

CVE-2018-10905

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.

7.8CVSS7.3AI score0.00127EPSS
CVE
CVEadded 2019/11/22 12:15 p.m.66 views

CVE-2018-10854

cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field.

6.5CVSS5.1AI score0.00261EPSS
CVE
CVEadded 2018/07/27 1:29 p.m.55 views

CVE-2017-2639

It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensiti...

7.5CVSS7.3AI score0.00537EPSS