Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Critical: Red Hat Security Advisory: CloudForms 5.0.7 bug fix and enhancement update

🗓️ 06 Aug 2020 14:34:12Reported by RedHatType 
redhat
 redhat🔗 access.redhat.com👁 77 Views

Critical update for Red Hat CloudForms 5.0.

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, arises from the lack of measures taken to eliminate special elements used in the operating system’s command set. This vulnerability allows attackers to execute arbitrary commands.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, stems from insufficient validation of input data. This vulnerability allows attackers to compromise the confidentiality and integrity of the protected information.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, relates to authentication errors. This vulnerability allows an attacker to create existing or new users for access control based on roles and groups.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, related to access control deficiencies, allows attackers to increase their privileges.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, stems from deficiencies in its authentication mechanism. This allows attackers to edit widgets that are only intended for reading purposes.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, related to inadequate access control mechanisms, allows an intruder to gain access to certain confidential data within CloudForms.
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, stems from the lack of security measures taken to protect the structure of web pages. This vulnerability allows attackers to execute cross-site scripting attacks (XSS).
12 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, stems from insufficient validation of incoming requests. This allows attackers to scan the internal network.
12 Aug 202000:00
bdu_fstec
Circl		CVE-2020-10777
11 Aug 202016:55
circl
Circl		CVE-2020-10778
11 Aug 202016:55
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
26 Jun 2026 22:44Current
6.7Medium risk
Vulners AI Score6.7
CVSS 26.5
CVSS 3.19.1
EPSS0.02515
cloudforms management engineruby on railssecurity fixcsv injectionssrfcommand injectionuser impersonationcross site scriptingbusiness logic bypassaccess controlbug fixenhancement update
77