CVE-2016-5402
published 2018-10-31CVE-2016-5402: A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | cloudforms | — | — |
| redhat | cloudforms_management_engine | — | — |