exploitDog

CVE-2016-5383

Опубликовано: 26 авг. 2016

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."

Ссылки

http://rhn.redhat.com/errata/RHSA-2016-1634.html
Vendor Advisory
http://www.securityfocus.com/bid/92585
Third Party Advisory
VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-1634.html
Vendor Advisory
http://www.securityfocus.com/bid/92585
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:cloudforms:4.1:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01452

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

CVE-2016-5383

CVSS3: 7.7

redhat

больше 9 лет назад

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."

GHSA-8vfr-r3m3-8998

CVSS3: 8.8

github

больше 3 лет назад

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."

EPSS

Процентиль: 80%

0.01452

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-284