Unknown · Cfme · CVE-2016-5402
**Name of the Vulnerable Software and Affected Versions**
No specific software or version information is provided.
**Description**
A code injection flaw was found in the way capacity and utilization imported control files are processed. This could allow a remote, authenticated attacker with access to the capacity and utilization feature to execute arbitrary code as the user CFME runs as.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.