PT-2018-4930 · Unknown+2 · Cfme+3

Adam Mariš

Publicado

2018-10-31

Atualizado

2023-02-12

CVE-2016-5402

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions No specific software or version information is provided.

Description A code injection flaw was found in the way capacity and utilization imported control files are processed. This could allow a remote, authenticated attacker with access to the capacity and utilization feature to execute arbitrary code as the user CFME runs as.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2016-5402

RHSA-2016:2839

Produtos afetados

Cfme

Cloudforms

Cloudforms Management Engine

Manageiq

PT-2018-4930 · Unknown+2 · Cfme+3

CVE-2016-5402

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5