Sensitive information in log file
Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs the root password when deploying a VM, which allows local users to obtain sensitive information by reading the evm.log file...
Design/Logic Flaw
The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name...
Denial of service
The wait_for_task function in app/controllers/application_controller.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in application/panel_control in CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3489
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force attack...
CVE-2014-0180
CVE-2014-0180 affects Red Hat CloudForms 3.0 Management Engine (CFME) before version 5.2.4.2. The wait_for_task() function in app/controllers/application_controller.rb can, under certain conditions, enter an infinite loop, causing sustained CPU usage and a denial of service on the host running CF...
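The entry above describes a task-polling loop that never terminates. The Ruby below is an added example, not the CloudForms wait_for_task code (which the page does not reproduce): it puts the unbounded polling shape next to a version bounded by a wall-clock deadline, a poll cap and a growing sleep. The task is modelled as a callable returning a status string; the state names and the constructed tasks are assumptions.

```ruby
# Added example, not CloudForms code. Contrasts unbounded polling with a
# deadline- and count-bounded wait. Status strings are assumptions.

TERMINAL_STATES = %w[finished error].freeze

# Unbounded: a task that is stuck, deleted, or reporting an unexpected state
# keeps this loop running and pins a core. Never call this with a stuck task.
def wait_for_task_unbounded(task)
  loop { break if TERMINAL_STATES.include?(task.call) }
  :done
end

# Bounded: gives up on a wall-clock deadline or a maximum poll count, and
# backs off between polls so a slow task costs sleeps rather than CPU.
# Returns the outcome and the number of polls, so the caller can log/alert.
def wait_for_task_bounded(task, timeout: 5.0, max_polls: 1000,
                          initial_sleep: 0.001, max_sleep: 0.05)
  deadline = Process.clock_gettime(Process::CLOCK_MONOTONIC) + timeout
  delay = initial_sleep
  max_polls.times do |i|
    return [:done, i + 1] if TERMINAL_STATES.include?(task.call)
    return [:timeout, i + 1] if Process.clock_gettime(Process::CLOCK_MONOTONIC) >= deadline
    sleep(delay)
    delay = [delay * 2, max_sleep].min   # exponential backoff, capped
  end
  [:poll_limit, max_polls]
end

# Constructed tasks (assumptions): one finishes on its n-th poll, one never does.
def finishing_task(polls_needed)
  calls = 0
  -> { (calls += 1) >= polls_needed ? 'finished' : 'active' }
end

STUCK_TASK = -> { 'queued' }

if $PROGRAM_NAME == __FILE__
  p wait_for_task_bounded(finishing_task(3))                        # [:done, 3]
  p wait_for_task_bounded(STUCK_TASK, timeout: 10, max_polls: 5)    # [:poll_limit, 5]
  p wait_for_task_bounded(STUCK_TASK, timeout: 0.05, max_polls: 1_000_000).first  # :timeout
end
```

The two bounds cover different failure modes: the deadline protects against a task that legitimately exists but never finishes, the poll cap protects against a clock that is unreliable or a timeout mis-set to a huge value.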
CVE-2014-3486
The CVE-2014-3486 entry affects Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2. A local attacker could exploit a symlink attack on a temporary file with a predictable name via two components: the shell_exec function in lib/util/MiqSshUtilV1.rb and the temp_cmd_file function in lib...
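The symlink attack summarised above (and in the Design/Logic Flaw entry earlier) is worth seeing concretely. The Ruby below is an added example, not code from MiqSshUtilV1.rb or MiqSshUtilV2.rb: it models a command script written to a temporary file and shows how a predictable name plus an ordinary create/truncate open lets an attacker who pre-plants a symlink redirect the write onto any file the writer can touch, and how an unpredictable name plus O_CREAT|O_EXCL defeats it. The file name, the victim file and the simulated race are constructed assumptions.

```ruby
require 'tmpdir'
require 'securerandom'

# Added example, not CloudForms code. Models the temp-file symlink attack
# class from CVE-2014-3486 with a constructed predictable name.
PREDICTABLE_NAME = 'miq_cmd.sh'   # assumption: stands in for a guessable temp name

def temp_path(dir, predictable:)
  predictable ? File.join(dir, PREDICTABLE_NAME)
              : File.join(dir, "miq_cmd_#{SecureRandom.hex(16)}.sh")
end

# exclusive: false -> plain create/truncate; open(2) follows a symlink at the path
# exclusive: true  -> O_CREAT|O_EXCL; open(2) fails with EEXIST if anything
#                     already exists at the path, a planted symlink included
def write_cmd_file(dir, script, predictable:, exclusive:)
  path  = temp_path(dir, predictable: predictable)
  flags = File::WRONLY | File::CREAT | (exclusive ? File::EXCL : File::TRUNC)
  File.open(path, flags, 0o600) { |f| f.write(script) }
  path
end

# Simulated race: before the writer runs, the attacker links the predictable
# name to a file they want clobbered. Returns :clobbered, :refused or :intact.
def simulate_symlink_attack(predictable:, exclusive:)
  Dir.mktmpdir do |dir|
    victim = File.join(dir, 'victim.txt')            # constructed target file
    File.write(victim, 'original contents')
    File.symlink(victim, File.join(dir, PREDICTABLE_NAME))   # attacker's link
    begin
      write_cmd_file(dir, "#!/bin/sh\necho attacker\n",
                     predictable: predictable, exclusive: exclusive)
      File.read(victim) == 'original contents' ? :intact : :clobbered
    rescue Errno::EEXIST
      :refused
    end
  end
end

if $PROGRAM_NAME == __FILE__
  p simulate_symlink_attack(predictable: true,  exclusive: false)  # :clobbered
  p simulate_symlink_attack(predictable: true,  exclusive: true)   # :refused
  p simulate_symlink_attack(predictable: false, exclusive: true)   # :intact
end
```

The clobber is the same primitive that becomes arbitrary command execution when the writer goes on to execute the file: an attacker who controls where the script lands, or who wins the window between write and exec, controls what runs as the writer's user. In Ruby the fix is usually just Tempfile or Tempfile.create, which already open with O_EXCL and a random name; the hardened branch above is what those do under the hood.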
CVE-2014-0176
CVE-2014-0176 is a cross-site scripting (XSS) flaw in CloudForms 3.0 Management Engine (CFME) prior to 5.2.4.2, affecting the application/panel_control component. The vulnerability allows remote attackers to inject arbitrary web script/HTML via unspecified vectors in CFME. The issue has been ackn...
CVE-2014-3489
CVE-2014-3489 affects Red Hat CloudForms 3.0 Management Engine (CFME); lib/util/miq-password.rb uses a hard-coded salt, enabling easier brute-force guessing of stored passwords by remote attackers. Documented impact: password guessing via brute force; exposure depends on access to stored credenti...
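Why a hard-coded salt matters for brute force, as described in the two CVE-2014-3489 entries above, is easiest to see by counting work. The Ruby below is an added example and does not reproduce miq-password.rb; it models password storage as a PBKDF2 derivation with a fixed salt beside one with a per-entry random salt, and counts KDF invocations an offline attacker needs against a wordlist. The salt string, iteration count and user records are constructed assumptions.

```ruby
require 'openssl'
require 'securerandom'

# Added example, not CloudForms code. Fixed salt vs per-entry random salt,
# measured by how many KDF calls a wordlist attack costs.
HARD_CODED_SALT = 'assumed-fixed-salt'.b   # assumption: stands in for a salt baked into source
ITERATIONS      = 10_000
KEY_LEN         = 32

def kdf(password, salt)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, ITERATIONS, KEY_LEN,
                             OpenSSL::Digest.new('sha256')).unpack1('H*')
end

# Vulnerable pattern: one salt for everyone. Equal passwords give equal hashes,
# and a table computed once serves against every stored record.
def hash_fixed_salt(password)
  kdf(password, HARD_CODED_SALT)
end

# Hardened pattern: fresh random salt per password, stored next to the hash.
def hash_random_salt(password)
  salt = SecureRandom.random_bytes(16)
  { salt: salt.unpack1('H*'), hash: kdf(password, salt) }
end

def ct_equal?(a, b)   # constant-time comparison of equal-length hex strings
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def verify_random_salt(password, record)
  ct_equal?(kdf(password, [record[:salt]].pack('H*')), record[:hash])
end

# Offline attack cost against fixed-salt records: one KDF call per candidate,
# regardless of how many users were dumped.
def crack_fixed_salt(stored, wordlist)
  table   = wordlist.each_with_object({}) { |w, t| t[hash_fixed_salt(w)] = w }
  cracked = stored.each_with_object({}) { |(user, h), c| c[user] = table[h] if table[h] }
  [cracked, wordlist.size]
end

# Against random-salt records every candidate must be re-derived per user.
def crack_random_salt(stored, wordlist)
  calls = 0
  cracked = {}
  stored.each do |user, rec|
    wordlist.each do |w|
      calls += 1
      if verify_random_salt(w, rec)
        cracked[user] = w
        break
      end
    end
  end
  [cracked, calls]
end
```

With three constructed users (two sharing a password) and a three-word list, the fixed-salt attack needs three derivations and also reveals the shared password outright because the two hashes are identical; the random-salt attack needs a derivation per user per candidate and leaks nothing from hash equality. The salt does not have to be secret, only unique, which is why storing it in the clear next to the hash is fine.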
CVE-2014-0184
CVE-2014-0184 affects Red Hat CloudForms 3.0 CFME; the root password was logged to evm.log during VM deployment, enabling local users to read sensitive credentials. This is a local-privilege exposure stemming from a logging flaw. Impact per sources is sensitive information disclosure (root access...
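The fix for a secret landing in evm.log, as in the CVE-2014-0184 entries above, is to scrub before logging rather than to lock the log down afterwards. The Ruby below is an added example, not CloudForms code: a structural filter that masks sensitive keys in a provisioning request before it is logged, plus a Logger formatter that catches password=... fragments in free-text messages as a second layer. The key-name pattern and the sample request are assumptions.

```ruby
require 'logger'
require 'stringio'
require 'time'

# Added example, not CloudForms code. Two layers of log scrubbing.
SENSITIVE_KEY  = /pass(word)?|secret|token|private_key/i           # assumption
SENSITIVE_TEXT = /(pass(?:word)?\s*[=:]\s*)\S+/i                    # assumption

# Layer 1: walk a nested request structure and mask values under sensitive keys.
def redact(value)
  case value
  when Hash  then value.each_with_object({}) { |(k, v), h| h[k] = SENSITIVE_KEY.match?(k.to_s) ? '[FILTERED]' : redact(v) }
  when Array then value.map { |v| redact(v) }
  else value
  end
end

# Layer 2: a formatter that scrubs "password=..." style fragments from any
# message, covering callers that interpolate secrets into strings directly.
def scrubbing_logger(io)
  logger = Logger.new(io)
  logger.formatter = proc do |severity, time, _prog, msg|
    "#{severity} #{time.utc.iso8601} #{msg.to_s.gsub(SENSITIVE_TEXT, '\1[FILTERED]')}\n"
  end
  logger
end

def log_provision_request(logger, request)
  logger.info("provisioning VM with options: #{redact(request).inspect}")
end

# Returns what would have been written to the log for a given request/message.
def captured_log(request: nil, message: nil)
  out = StringIO.new
  logger = scrubbing_logger(out)
  log_provision_request(logger, request) if request
  logger.info(message) if message
  out.string
end

# Constructed sample request (assumption), shaped like a VM provisioning call.
SAMPLE_REQUEST = {
  vm_name: 'web01',
  root_password: 'Sup3rS3cret!',
  customization: { hostname: 'web01', admin_password: 'Pa55' },
  disks: [{ size_gb: 20 }]
}.freeze
```

Layer 1 is the same idea as Rails' config.filter_parameters; layer 2 exists because a structural filter cannot see a secret that was already interpolated into a string by the time it reaches the logger.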
PT-2014-5355 · Red Hat · Red Hat Cloudforms
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue concerns the use of a hard-coded salt in a password management component, which could facilitate brute force attacks by remote attackers, making it easier to guess passwords...
PT-2014-3523 · Red Hat · Red Hat Cloudforms
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue allows local users to obtain sensitive information, specifically the root password, by reading the evm.log file when deploying a VM. This occurs because the root password is...
PT-2014-3520 · Red Hat · Red Hat Cloudforms
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop and CPU consumption. This is due to a problem in the wait_for_task function...
PT-2014-5353 · Red Hat · Red Hat Cloudforms
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue allows local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name. This is due to vulnerabilities in the shell_exec function i...
PT-2014-3518 · Red Hat · Cloudforms
Name of the Vulnerable Software and Affected Versions: CloudForms versions prior to 5.2.4.2 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the affected system...
Red Hat CloudForms Management Engine 5.1 - agent/linuxpkgs Path Traversal
No description provided by source. Module header:
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
require 'msf/core'
class Metasploit4 < Msf::Exploit::Remote
  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::FileDropper
  def...