SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat cloudforms management engine 5.1 |
||
redhat manageiq enterprise virtualization manager |