CVE-2014-0087

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 04-02-2015 01:00

Last modified: - 04-02-2015 01:00

Total changes: - 9

Description

CVE-2014-0087 CFME: check_privileges logic error resulting in privilege escalation

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:S/C:P/I:P/A:P

Low

Attack complexity

Network

Attack vector

Low

Availability

Low

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

6.5

Base score

Exploitability score

Impact score

Verification logic

AND

product=cfme-0 AND versionEndExcluding=5.3.2.6-1.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

AND

product=ruby193-rubygem-fog-0 AND versionEndExcluding=1.19.0-2.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

AND

product=ruby193-rubygem-linux_admin-0 AND versionEndExcluding=0.9.4-1.el6cf

vendor=cloudforms_managementengine AND product=5 AND version=

Reference

Keywords

CVE-2014-0087

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2014-0087

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures