Skip to main content

Cloudforms CVE-2020-10779

MEDIUM
Authorization Bypass Through User-Controlled Key (CWE-639)
2020-08-11 secalert@redhat.com
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 11, 2020 - 13:15 nvd
MEDIUM 6.5

DescriptionNVD

Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms.

AnalysisAI

Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-639. Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms. Affected products include: Redhat Cloudforms.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-11610 HIGH POC
8.8 Aug 23

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows rem

CVE-2018-1000544 CRITICAL POC
9.8 Jun 26

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that c

CVE-2018-7750 CRITICAL POC
9.8 Mar 13

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x

CVE-2019-5419 HIGH POC
7.5 Mar 27

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where

CVE-2019-5418 HIGH POC
7.5 Mar 27

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where spe

CVE-2018-16476 HIGH POC
7.5 Nov 30

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can c

CVE-2018-3760 HIGH POC
7.5 Jun 26

There is an information leak vulnerability in Sprockets. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2019-11358 MEDIUM POC
6.1 Apr 20

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) becaus

CVE-2018-11627 MEDIUM POC
6.1 May 31

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Rated medium sever

CVE-2019-16892 MEDIUM POC
5.5 Sep 25

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the unco

CVE-2016-4471 HIGH
8.8 Jun 08

ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS

CVE-2020-14325 CRITICAL
9.1 Aug 11

Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious at

Share

CVE-2020-10779 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy