Vulnerabilities > Redhat > Cloudforms Management Engine > 5.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-11 | CVE-2020-14324 | OS Command Injection vulnerability in Redhat Cloudforms Management Engine A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. | 9.1 |
| 2020-06-22 | CVE-2019-14894 | Unspecified vulnerability in Redhat Cloudforms Management Engine 5.10/5.11 A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. | 7.2 |
| 2019-06-27 | CVE-2019-10177 | Cross-site Scripting vulnerability in Redhat Cloudforms Management Engine 5.10/5.9 A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, due to user input is not properly sanitized. | 6.5 |
| 2019-06-12 | CVE-2017-15123 | Missing Authentication for Critical Function vulnerability in Redhat Cloudforms Management Engine A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. | 5.3 |