Skip to main content

Cloudforms

34 CVEs product

Monthly

CVE-2020-14369 MEDIUM This Month

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Red Hat Cloudforms
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2020-14325 CRITICAL Act Now

Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Cloudforms
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2020-10783 HIGH This Week

Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Cloudforms
NVD
CVSS 3.1
8.3
EPSS
1.0%
CVE-2020-10779 MEDIUM This Month

Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Red Hat Cloudforms
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-10778 MEDIUM This Month

In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Cloudforms
NVD
CVSS 3.1
6.0
EPSS
0.9%
CVE-2020-10777 MEDIUM This Month

A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Red Hat Cloudforms
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-16892 Ruby MEDIUM POC PATCH This Month

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rubyzip Fedora Cloudforms
NVD GitHub
CVSS 3.1
5.5
EPSS
1.6%
CVE-2019-10159 MEDIUM This Month

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cfme Gemset Cloudforms
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2019-11358 LIB MEDIUM POC PATCH THREAT This Month

{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Jquery Debian Linux Drupal +102
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
87.2%
CVE-2019-5419 Ruby HIGH POC PATCH This Week

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rails Debian Linux Cloudforms Software Collections +2
NVD
CVSS 3.1
7.5
EPSS
8.7%
CVE-2019-5418 Ruby HIGH POC KEV PATCH THREAT This Week

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Rails Debian Linux Cloudforms Leap +2
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
98.5%
CVE-2018-16476 Ruby HIGH POC PATCH This Week

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Rails Cloudforms
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-10905 HIGH This Week

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cloudforms Cloudforms Management Engine
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-10855 PyPI MEDIUM PATCH This Month

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ansible Engine Cloudforms Openstack Virtualization +2
NVD
CVSS 3.1
5.9
EPSS
3.1%
CVE-2018-3760 Ruby HIGH POC PATCH THREAT This Week

There is an information leak vulnerability in Sprockets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Cloudforms Enterprise Linux Sprockets Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
26.7%
CVE-2018-1000544 Ruby CRITICAL POC PATCH Act Now

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Rubyzip Debian Linux Cloudforms
NVD GitHub
CVSS 3.1
9.8
EPSS
4.5%
CVE-2018-11627 Ruby MEDIUM POC PATCH This Month

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sinatra Cloudforms
NVD GitHub
CVSS 3.0
6.1
EPSS
2.2%
CVE-2018-1104 HIGH This Week

Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ansible Tower Cloudforms
NVD
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-1101 HIGH This Week

Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ansible Tower Cloudforms
NVD
CVSS 3.0
7.2
EPSS
2.0%
CVE-2018-7750 PyPI CRITICAL POC PATCH THREAT Act Now

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Paramiko Ansible Engine Cloudforms Virtualization +7
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
27.1%
CVE-2018-1058 HIGH This Week

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Ubuntu Linux Cloudforms
NVD
CVSS 3.1
8.8
EPSS
14.1%
CVE-2018-1053 HIGH PATCH This Week

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of. Rated high severity (CVSS 7.0).

Information Disclosure PostgreSQL Debian Linux Ubuntu Linux Cloudforms
NVD
CVSS 3.0
7.0
EPSS
0.5%
CVE-2017-11610 PyPI HIGH POC PATCH THREAT Act Now

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.8%.

Privilege Escalation Supervisor Fedora Debian Linux Cloudforms
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
93.8%
Threat
6.1
CVE-2016-4471 HIGH This Week

ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Privilege Escalation Cloudforms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2016-5383 HIGH This Week

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat RCE Authentication Bypass Cloudforms
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2015-7502 MEDIUM This Month

Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.

Red Hat Information Disclosure PostgreSQL Cloudforms Management Engine Cloudforms
NVD
CVSS 3.0
5.1
EPSS
0.1%
CVE-2014-0057 HIGH This Week

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Red Hat Cloudforms Cloudforms 3 0 Management Engine
NVD VulDB
CVSS 2.0
7.5
EPSS
0.7%
CVE-2014-0081 Ruby MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rails Ruby On Rails Opensuse Cloudforms +1
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2013-6443 MEDIUM This Month

CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cloudforms Cloudforms 3 0 Management Engine
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-5604 Ruby MEDIUM PATCH This Month

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-5605 LOW Monitor

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-5603 MEDIUM This Month

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users'. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
5.5
EPSS
0.3%
CVE-2012-4574 LOW Monitor

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-3538 LOW Monitor

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD
CVSS 2.0
3.3
EPSS
0.2%
EPSS 0% CVSS 6.3
MEDIUM This Month

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Red Hat Cloudforms
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Cloudforms
NVD
EPSS 1% CVSS 8.3
HIGH This Week

Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Cloudforms
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Red Hat +1
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Cloudforms
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Red Hat Cloudforms
NVD
EPSS 2% CVSS 5.5
MEDIUM POC PATCH This Month

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rubyzip Fedora +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cfme Gemset Cloudforms
NVD
EPSS 87% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Jquery +104
NVD GitHub Exploit-DB
EPSS 9% CVSS 7.5
HIGH POC PATCH This Week

There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Rails Debian Linux +4
NVD
EPSS 99% CVSS 7.5
HIGH POC KEV PATCH THREAT This Week

There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Rails Debian Linux +4
NVD Exploit-DB
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Rails Cloudforms
NVD
EPSS 0% CVSS 7.8
HIGH This Week

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cloudforms Cloudforms Management Engine
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Ansible Engine Cloudforms +4
NVD
EPSS 27% CVSS 7.5
HIGH POC PATCH THREAT This Week

There is an information leak vulnerability in Sprockets. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Cloudforms Enterprise Linux +2
NVD GitHub
EPSS 4% CVSS 9.8
CRITICAL POC PATCH Act Now

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Rubyzip Debian Linux +1
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sinatra Cloudforms
NVD GitHub
EPSS 3% CVSS 8.8
HIGH This Week

Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Ansible Tower Cloudforms
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Ansible Tower Cloudforms
NVD
EPSS 27% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Paramiko Ansible Engine +9
NVD GitHub Exploit-DB
EPSS 14% CVSS 8.8
HIGH This Week

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure PostgreSQL Ubuntu Linux +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of. Rated high severity (CVSS 7.0).

Information Disclosure PostgreSQL Debian Linux +2
NVD
EPSS 94% 6.1 CVSS 8.8
HIGH POC PATCH THREAT Act Now

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 93.8%.

Privilege Escalation Supervisor Fedora +2
NVD GitHub Exploit-DB
EPSS 2% CVSS 8.8
HIGH This Week

ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Privilege Escalation Cloudforms
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters.". Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat RCE Authentication Bypass +1
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required. No vendor patch available.

Red Hat Information Disclosure PostgreSQL +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Red Hat +2
NVD VulDB
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rails Ruby On Rails +3
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cloudforms Cloudforms 3 0 Management Engine
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Red Hat Privilege Escalation Cloudforms
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users'. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Cloudforms
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Authentication Bypass Cloudforms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy