CVE-2013-2050 — Vulnetix

CVE-2013-2050 PUBLISHED

Reported by redhat · Published January 11, 2014

SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a

Exploit Intelligence

http://packetstormsecurity.com/files/124609/cfme_manageiq_evm_pass_reset.rb.txt (nist-nvd)
http://www.securityfocus.com/bid/64524 (nist-nvd)

Timeline

Jan 11, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Feb 3, 2023 EPSS Score
Feb 8, 2023 EPSS Score
Feb 13, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score
Jul 16, 2023 EPSS Score

References

x_refsource_MISC
56181 third-party-advisoryx_refsource_SECUNIA
64524 vdb-entryx_refsource_BID
cloudforms-cve20132050-sql-injection(89984) vdb-entryx_refsource_XF
x_refsource_CONFIRM

Open in Interactive Console →