exploitDog

CVE-2014-0057

Опубликовано: 18 мар. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors.

Ссылки

http://rhn.redhat.com/errata/RHSA-2014-0215.html
Vendor Advisory
http://secunia.com/advisories/57376
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1064140
http://rhn.redhat.com/errata/RHSA-2014-0215.html
Vendor Advisory
http://secunia.com/advisories/57376
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1064140

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:cloudforms:3.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00703

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2014-0057

redhat

почти 12 лет назад

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors.

GHSA-6m4c-55qp-f477

github

больше 3 лет назад

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors.

EPSS

Процентиль: 72%

0.00703

Низкий

7.5 High

CVSS2

Дефекты

CWE-94