Skip to main content

Cloudforms 3 0 1 Management Engine

2 CVEs product

Monthly

CVE-2014-3642 MEDIUM This Month

vmdb/app/controllers/application_controller/performance.rb in Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to gain privileges via unspecified vectors,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms 3 0 1 Management Engine Cloudforms 3 0 2 Management Engine Cloudforms 3 0 3 Management Engine +3
NVD
CVSS 2.0
6.5
EPSS
0.5%
CVE-2014-0140 MEDIUM This Month

Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to access sensitive controllers and actions via a direct HTTP or HTTPS request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms 3 0 1 Management Engine Cloudforms 3 0 2 Management Engine Cloudforms 3 0 3 Management Engine +3
NVD
CVSS 2.0
4.0
EPSS
0.2%
EPSS 1% CVSS 6.5
MEDIUM This Month

vmdb/app/controllers/application_controller/performance.rb in Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to gain privileges via unspecified vectors,. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms 3 0 1 Management Engine +5
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to access sensitive controllers and actions via a direct HTTP or HTTPS request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms 3 0 1 Management Engine +5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy