VYPR

Cfme

by Manageiq

CVEs (2)

  • CVE-2018-10905HigJul 24, 2018
    risk 0.51cvss 7.8epss 0.00

    CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.

  • CVE-2014-0197Dec 13, 2019
    risk 0.00cvss epss 0.01

    CFME: CSRF protection vulnerability via permissive check of the referrer header