CVE-2014-0136: Input Validation
First published: Mon Oct 27 2014(Updated: )
The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Cloudforms 3.0 Management Engine | <=5.2.5.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/author
- agent/description
- agent/tags
- agent/type
- agent/references
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat cloudforms 3.0 management engine
- version/redhat cloudforms 3.0 management engine/5.2.5.3