CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0136

The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.5%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-0136

Redhat » Cloudforms 3.0 Management Engine » Version: N/A

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:-
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.1

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.1
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.1.6

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.1.6
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.2

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.2
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.3

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.3
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.3.2

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.3.2
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.4

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.4
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.4.2

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.4.2
Redhat » Cloudforms 3.0 Management Engine » Version: 5.2.5.3

cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0136

Products

Pricing

Contact Us