NVD

Id
31803  
Name
CVE-2014-3642  
Description
vmdb/app/controllers/application_controller/performance.rb in Red Hat CloudForms 3.1 Management Engine (CFME) before 5.3 allows remote authenticated users to gain privileges via unspecified vectors, related to an "insecure send method."  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2014-10-06  
Modified Date
2014-10-07  
Seq
2014-3642  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
167623 31803 CVE-2014-3642 RHSA-2014:1317  View
167624 31803 CVE-2014-3642 https://bugzilla.redhat.com/show_bug.cgi?id=1092894  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15673 JVNDB-2014-004548 Red Hat CloudForms Management Engine の vmdb/app/controllers/application_controller/performance.rb における権限を取得される脆弱性 Red Hat CloudForms Management Engine (CFME) の vmdb/app/controllers/application_controller/performance.rb には、"安全でない send メソッド" に関する処理に不備があるため、権限を取得される脆弱性が存在します。 CVE-2014-3642 70930 CVE-2014-3642 31803 6.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004548.html 2014-10-02 2014-10-08 View