CVE-2014-0136

Опубликовано: 27 окт. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.

Ссылки

http://rhn.redhat.com/errata/RHSA-2014-1037.html
Vendor Advisory
http://www.securityfocus.com/bid/69233
http://rhn.redhat.com/errata/RHSA-2014-1037.html
Vendor Advisory
http://www.securityfocus.com/bid/69233

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:*:*:*:*:*:*:*:*

Версия до 5.2.5.3 (включая)

EPSS

Процентиль: 47%

0.00243

Низкий

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2014-0136

redhat

больше 11 лет назад

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.

GHSA-xf8w-qcq9-6w6f

github

больше 3 лет назад

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.

EPSS

Процентиль: 47%

0.00243

Низкий

5 Medium

CVSS2

Дефекты

CWE-20