CVE-2014-0057 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-0057 PUBLISHED CVSS 7.5 HIGH

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors.

EPSS 0.70% · 71.9th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

0.70%

71.9th percentile

Affected Products

Vendor	Product	Versions
redhat	cloudforms_3.0_management_engine	5.2
redhat	cloudforms	3.0
n/a	n/a	n/a

Timeline

Mar 18, 2014 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

RHSA-2014:0215 vendor-advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1064140 url
57376 third-party-advisory
https://nvd.nist.gov/vuln/detail/CVE-2014-0057 advisory
https://access.redhat.com/errata/RHSA-2014:0215 url
https://access.redhat.com/security/cve/CVE-2014-0057 url

Open in Interactive Console →