Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat CloudForms Management Engine 后置链接漏洞
Vulnerability Description
Red Hat CloudForms Management Engine(CFME)是美国红帽(Red Hat)公司的一个IaaS(基础设施即服务)云服务解决方案的管理引擎。 Red Hat CloudForms Management Engine 5.2.4.2之前版本存在后置链接漏洞。本地攻击者利用该漏洞通过对临时文件实施符号链接攻击执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A