Vulnerability CVE-2013-2050

Vulnerability CVE-2013-2050

Published: 2014-01-10 Modified: 2014-01-11

Description:

	Topic	Author	Date
Med.	Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection	Ramon de C Valle	28.12.2013

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Redhat -> Cloudforms management engine
Redhat -> Manageiq enterprise virtualization manager

https://bugzilla.redhat.com/show_bug.cgi?id=959062

http://xforce.iss.net/xforce/xfdb/89984

http://www.securityfocus.com/bid/64524

http://secunia.com/advisories/56181

http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt