CVE-2014-0078

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 12-05-2014 02:00

Last modified: - 12-05-2014 02:00

Total changes: - 8

Description

CVE-2014-0078 CFME: multiple authorization bypass vulnerabilities in CatalogController

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:S/C:N/I:N/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

4.0

Base score

Exploitability score

Impact score

Verification logic

AND

product=cfme-0 AND versionEndExcluding=5.2.3.2-1.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

AND

product=postgresql92-postgresql-0 AND versionEndExcluding=9.2.7-1.1.el6

vendor=cloudforms_managementengine AND product=5 AND version=

AND

product=prince-0 AND versionEndExcluding=9.0r2-4.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

AND

product=ruby193-rubygem-actionpack-1 AND versionEndExcluding=3.2.13-6.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

Reference

Keywords

CVE-2014-0078

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2014-0078

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures