CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management Engine
Published on July 7, 2014

The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name.

Vendor Advisory NVD

Products Associated with CVE-2014-3486

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-3486 are published in Red Hat Cloudforms 3 0 Management Engine:

Red Hat Cloudforms 3 0 Management Engine

Exploit Probability

EPSS

0.18%

Percentile

39.39%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management EnginePublished on July 7, 2014

Products Associated with CVE-2014-3486

Exploit Probability

CVE-2014-3486 is a vulnerability in Red Hat Cloudforms 3 0 Management Engine
Published on July 7, 2014