2 matches found
CVE-2016-5383
The CVE-2016-5383 issue affects Red Hat CloudForms Management Engine (CFME) 4.1, where the web UI did not properly filter input in certain fields, allowing remote authenticated attackers to execute arbitrary code on the host. Root cause: insufficient input filtering (listed as “Lack of field filt...
CVE-2015-7502
Summary: CVE-2015-7502 affects Red Hat CloudForms Management Engine (CFME) 3.2/5.4.4 and CFME 4.0/5.5.0. The issue is improper encryption of data stored in the backend PostgreSQL database, enabling local attackers to access sensitive information by exploiting access to database exports or log fil...