Vulnerabilities > Redhat > Cloudforms Management Engine > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2014-8164 Improper Certificate Validation vulnerability in Redhat Cloudforms Management Engine 5.0
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
network
low complexity
redhat CWE-295
critical
9.1
2020-08-11 CVE-2020-14324 OS Command Injection vulnerability in Redhat Cloudforms Management Engine
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0.
network
low complexity
redhat CWE-78
critical
9.1