Vulnerabilities > CVE-2014-3489 - Credentials Management vulnerability in Redhat Cloudforms 3.0 Management Engine
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Redhat
advisories |
| ||||
rpms |
|