Code injection

2018-05-0119:29:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.0%

JSON

Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret.

CPENameOperatorVersion
cloudforms_management_engineeq2.0

CPE	Name	Operator	Version
	cloudforms_management_engine	eq	2.0

References

bugzilla.redhat.com/show_bug.cgi?id=959041