Vulnerabilities > Redhat > Cloudforms Management Engine > 5.9

DATE CVE VULNERABILITY TITLE RISK
2020-08-11 CVE-2020-14324 OS Command Injection vulnerability in Redhat Cloudforms Management Engine
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0.
network
low complexity
redhat CWE-78
critical
9.1
2019-12-13 CVE-2014-0197 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms and Cloudforms Management Engine
CFME: CSRF protection vulnerability via permissive check of the referrer header
network
low complexity
redhat CWE-352
8.8
2019-11-22 CVE-2018-10854 Unspecified vulnerability in Redhat Cloudforms Management Engine 4.7/5.8/5.9
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting.
network
low complexity
redhat
5.4
2019-06-27 CVE-2019-10177 Cross-site Scripting vulnerability in Redhat Cloudforms Management Engine 5.10/5.9
A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, due to user input is not properly sanitized.
network
low complexity
redhat CWE-79
6.5
2019-06-12 CVE-2017-15123 Missing Authentication for Critical Function vulnerability in Redhat Cloudforms Management Engine
A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only.
network
low complexity
redhat CWE-306
5.3
2018-07-27 CVE-2017-15125 Cross-site Scripting vulnerability in Redhat Cloudforms Management Engine
A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input.
network
low complexity
redhat CWE-79
5.4
2018-07-24 CVE-2018-10905 OS Command Injection vulnerability in Redhat Cloudforms and Cloudforms Management Engine
CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms.
local
low complexity
redhat CWE-78
7.8