CVE-2014-7814

Description

SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter.

References

http://secunia.com/advisories/62255

http://rhn.redhat.com/errata/RHSA-2015-0028.html

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS