exploitDog

CVE-2013-2050

Опубликовано: 11 янв. 2014

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:cloudforms_management_engine:5.1:*:*:*:*:*:*:*

cpe:2.3:a:redhat:manageiq_enterprise_virtualization_manager:*:*:*:*:*:*:*:*

Версия до 5.0 (включая)

EPSS

Процентиль: 98%

0.54161

Средний

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

CVE-2013-2050

redhat

около 12 лет назад

SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.

GHSA-h3r2-9qhv-2vw2

github

больше 3 лет назад

SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.

EPSS

Процентиль: 98%

0.54161

Средний

7.5 High

CVSS2

Дефекты

CWE-89