Published: 04/01/2013 Updated: 29/08/2017

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

VMScore: 490

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

proxies_controller.rb in Katello in Red Hat CloudForms prior to 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat cloudforms

Synopsis Important: CloudForms System Engine 11 update Type/Severity Security Advisory: Important Topic Updated CloudForms System Engine packages that fix multiple securityissues, several bugs, and add enhancements are now availableThe Red Hat Security Response Team has rated this update as havingimportan ...

Synopsis Important: Subscription Asset Manager 12 update Type/Severity Security Advisory: Important Topic Red Hat Subscription Asset Manager 12, which fixes several securityissues, multiple bugs, and adds various enhancements, is now availableThe Red Hat Security Response Team has rated this update as ha ...

CWE-264 https://bugzilla.redhat.com/show_bug.cgi?id=882129 http://www.securityfocus.com/bid/56819 http://rhn.redhat.com/errata/RHSA-2012-1543.html http://osvdb.org/88142 http://secunia.com/advisories/51472 http://osvdb.org/88140 http://rhn.redhat.com/errata/RHSA-2013-0544.html https://exchange.xforce.ibmcloud.com/vulnerabilities/80549 https://access.redhat.com/errata/RHSA-2012:1543 https://nvd.nist.gov

CVE-2012-5603

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect