Lucene search
Veracode Vulnerability DatabaseVERACODE:15646HistoryMay 02, 2019 - 5:03 a.m.
SQL Injection
2019-05-0205:03:09
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
EPSS
0.001
Percentile
46.5%
CFME is vulnerable to SQL injection. An input sanitization flaw was found in the saved_report_delete action in the ReportController. An authenticated Management Engine user could use this flaw to perform an SQL injection attack on the Management Engine back end database.
References
rhn.redhat.com/errata/RHSA-2014-0469.html
access.redhat.com/errata/RHSA-2014:0469
access.redhat.com/security/cve/CVE-2014-0137
access.redhat.com/security/updates/classification/#important
access.redhat.com/site/documentation/en-US/CloudForms/3.0/html/Management_Engine_5.2_Technical_Notes/index.html
bugzilla.redhat.com/show_bug.cgi?id=1076688
rhn.redhat.com/errata/RHSA-2014-0469.html
Related
prion
prion
Sql injection
2014-05-14 19:55:00
cvelist
cvelist
CVE-2014-0137
2014-05-14 19:00:00
nvd
nvd
CVE-2014-0137
2014-05-14 19:55:10
cve
cve
CVE-2014-0137
2014-05-14 19:55:10
redhat
redhat
(RHSA-2014:0469) Important: cfme security, bug fix, and enhancement update
2014-05-12 00:00:00