CVE-2013-2068: cfme: CFME 2.0 multiple zip file upload path traversal vulnerabilities

Severity: Critical

CVSS Score: 10

Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management Engine 2.0 allow remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the filename parameter to the (1) log, (2) upload, or (3) linuxpkgs method.