← Back

Cloudforms 3.1 Management Engine

cloudforms_3.1_management_engine

Vendor: Redhat • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-7814
1Redhat
1Cloudforms 3.1 Management Engine
May 6, 2026
Jan 16, 2015
N/A· v4
N/A· v3
6.5 MEDIUM· v2
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter.
CVE-2014-3692
1Redhat
1Cloudforms 3.1 Management Engine
May 6, 2026
Jan 16, 2015
N/A· v4
N/A· v3
10.0 HIGH· v2
The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privi...Show more
The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privileges.Show less