Security Advisory

CVE-2014-0137

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-05-14 19:00:00

Last updated 2024-08-06 09:05:38

Assigner redhat

State PUBLISHED

Description

SQL injection vulnerability in the saved_report_delete action in the ReportController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related to MiqReportResult.exists.

← Browse all CVEs View on cve.org ↗