Redhat Cloudforms Management Engine vulnerabilities

CVE-2013-2068 [CRITICAL] CWE-22 CVE-2013-2068: Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.

CVE-2013-4172 [HIGH] CWE-94 CVE-2013-4172: The Red Hat CloudForms Management Engine 5.1 allow remote administrators to execute arbitrary Ruby c The Red Hat CloudForms Management Engine 5.1 allow remote administrators to execute arbitrary Ruby code via unspecified vectors.