Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat CloudForms Management Engine 安全漏洞
Vulnerability Description
Red Hat CloudForms Management Engine(CFME)是美国红帽(Red Hat)公司的一个IaaS(基础设施即服务)云服务解决方案的管理引擎。 Red Hat CFME 4.1版本中存在安全漏洞,该漏洞源于程序没有正确处理正则表达通过JSON API和web-based UI传递到表达引擎。远程攻击者可利用该漏洞执行任意Shell命令。
CVSS Information
N/A
Vulnerability Type
N/A