Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3692

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-3692
Last Modified 20 Jan 2015 08:49:14
Published 16 Jan 2015 11:59:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-3692

Summary

The customization template in Red Hat CloudForms 3.1 Management Engine (CFME) 5.3 uses a default password for the root account when a password is not specified for a new image, which allows remote attackers to gain privileges.

Vulnerable Systems

Application

  • Redhat Cloudforms 3.1 Management Engine 5.3


References

SECUNIA - 62255

REDHAT - RHSA-2015:0028


Last Updated: 27 May 2016 10:53:58