Vulnerabilities > Redhat > Cloudforms Management Engine > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-07 | CVE-2016-7040 | Improper Access Control vulnerability in Redhat Cloudforms Management Engine 4.1 Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections. | 9.0 |
| 2013-09-28 | CVE-2013-2068 | Path Traversal vulnerability in Redhat Cloudforms Management Engine 5.1 Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. | 9.4 |