Manageiq Enterprise Virtualization Manager

manageiq_enterprise_virtualization_manager

Vendor: Redhat • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-0186 1Redhat 2Cloudforms Manageiq Enterprise Virtualization Manager Nov 21, 2024 Nov 1, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-0185 1Redhat 1Manageiq Enterprise Virtualization Manager Nov 21, 2024 May 1, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vect...Show more Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.Show less
CVE-2013-2050 1Redhat 2Cloudforms Management Engine Manageiq Enterprise Virtualization Manager Apr 29, 2026 Jan 11, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute...Show more SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.Show less