Lucene search

Critical: Red Hat Security Advisory: CloudForms 5.0.7 bug fix and enhancement update

🗓️ 06 Aug 2020 14:12:34Reported by RedHatType

Critical update for Red Hat CloudForms 5.0.

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 60
Tenable Nessus	RHEL 8 : CloudForms 5.0.7 update (Critical) (RHSA-2020:3358)	6 Aug 202000:00	–	nessus
Tenable Nessus	RHEL 7 : CloudForms 4.7.16 (RHSA-2020:3574)	27 Aug 202000:00	–	nessus
Tenable Nessus	RHEL 8 : CloudForms 5.0.10 (RHSA-2020:5554)	18 Dec 202000:00	–	nessus
OSV	RHSA-2020:3358 Red Hat Security Advisory: CloudForms 5.0.7 bug fix and enhancement update	16 Sep 202404:32	–	osv
OSV	RHSA-2020:3574 Red Hat Security Advisory: CloudForms 4.7.16 security, bug fix and enhancement update	16 Sep 202404:32	–	osv
RedHat Linux	Critical: Red Hat Security Advisory: CloudForms 4.7.16 security, bug fix and enhancement update	27 Aug 202016:03	–	redhat
RedHat Linux	Important: Red Hat Security Advisory: CloudForms 5.0.10 security, bug fix and enhancement update	15 Dec 202021:19	–	redhat
Prion	Input validation	11 Aug 202014:15	–	prion
Prion	Input validation	11 Aug 202013:15	–	prion
Prion	Command injection	11 Aug 202014:15	–	prion

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	any	x86_64	cfme	5.11.7.3-1.el8cf	cfme-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	x86_64	cfme-amazon-smartstate	5.11.7.3-1.el8cf	cfme-amazon-smartstate-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	x86_64	cfme-appliance	5.11.7.3-1.el8cf	cfme-appliance-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	x86_64	cfme-appliance-common	5.11.7.3-1.el8cf	cfme-appliance-common-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	x86_64	cfme-appliance-tools	5.11.7.3-1.el8cf	cfme-appliance-tools-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	x86_64	cfme-gemset	5.11.7.3-1.el8cf	cfme-gemset-5.11.7.3-1.el8cf.x86_64.rpm
RedHat	any	noarch	v2v-conversion-host-ansible	1.16.2-3.el8ev	v2v-conversion-host-ansible-1.16.2-3.el8ev.noarch.rpm

Source	Link
access	www.access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes
access	www.access.redhat.com/security/cve/CVE-2020-10777
access	www.access.redhat.com/security/cve/CVE-2020-10778
access	www.access.redhat.com/security/cve/CVE-2020-10779
access	www.access.redhat.com/security/cve/CVE-2020-10780
access	www.access.redhat.com/security/cve/CVE-2020-10783
access	www.access.redhat.com/security/cve/CVE-2020-14296
access	www.access.redhat.com/security/cve/CVE-2020-14324
access	www.access.redhat.com/security/cve/CVE-2020-14325
access	www.access.redhat.com/security/updates/classification/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Aug 2020 14:34Current

8.1High risk

Vulners AI Score8.1

CVSS26.5

CVSS39.1

EPSS0.01127

cloudforms management engine ruby on rails security fix csv injection ssrf command injection user impersonation cross site scripting business logic bypass access control bug fix enhancement update