SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-01-11T01:00:00

Updated: 2024-08-06T15:20:37.414Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2050

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-01-11T01:55:02.940

Modified: 2024-11-21T01:50:56.087

Link: CVE-2013-2050

cve-icon Redhat

Severity : Important

Publid Date: 2013-11-13T00:00:00Z

Links: CVE-2013-2050 - Bugzilla