CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management Engine
Published on July 7, 2014

The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name.

Vendor Advisory NVD

Products Associated with CVE-2014-3486

Want to know whenever a new CVE is published for Red Hat Cloudforms 3 0 Management Engine? stack.watch will email you.

Red Hat Cloudforms 3 0 Management Engine

Exploit Probability

EPSS

0.18%

Percentile

38.99%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management EnginePublished on July 7, 2014

Products Associated with CVE-2014-3486

Exploit Probability

CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management Engine
Published on July 7, 2014