CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-7814 – CFME: REST API SQL Injection
https://notcve.org/view.php?id=CVE-2014-7814
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter. Vulnerabilidad de inyección SQL en Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través de una solicitud API REST manipulada en un filtro SQL. It was found that CloudForms 4 exposed SQL filters via the REST API without any input escaping. An authenticated user could use this flaw to perform SQL injection attacks against the CloudForms Management Engine database. • http://rhn.redhat.com/errata/RHSA-2015-0028.html http://secunia.com/advisories/62255 https://access.redhat.com/security/cve/CVE-2014-7814 https://bugzilla.redhat.com/show_bug.cgi?id=1157881 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3692 – CFME: default fallback password in customization_templates.yml
https://notcve.org/view.php?id=CVE-2014-3692
The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privileges. La plantilla customization en Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 utiliza una contraseña por defecto para la cuenta de root cuando no se especifca una contraseña para una imagen nueva, lo que permite a atacantes remotos ganar privilegios. It was found that the CloudForms Management Engine customization template used a default root password for newly created images if no root password was specified. • http://rhn.redhat.com/errata/RHSA-2015-0028.html http://secunia.com/advisories/62255 https://access.redhat.com/security/cve/CVE-2014-3692 https://bugzilla.redhat.com/show_bug.cgi?id=1151258 • CWE-255: Credentials Management Errors CWE-798: Use of Hard-coded Credentials •