Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

666 matches found

NVD
NVDadded 2013/01/04 10:55 p.m.21 views

CVE-2012-4574

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file...

2.1CVSS6.2AI score0.00082EPSS
Exploits0References6
NVD
NVDadded 2013/01/04 10:55 p.m.19 views

CVE-2012-5603

proxiescontroller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References8
NVD
NVDadded 2013/01/04 10:55 p.m.21 views

CVE-2012-5605

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files...

2.1CVSS6.1AI score0.00082EPSS
Exploits0References7
NVD
NVDadded 2013/01/04 10:55 p.m.22 views

CVE-2012-3538

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log...

3.3CVSS6.1AI score0.00191EPSS
Exploits0References5
Prion
Prionadded 2013/01/04 10:55 p.m.24 views

Design/Logic Flaw

proxiescontroller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system...

5.5CVSS6.6AI score0.00253EPSS
Exploits0References8Affected Software1
Prion
Prionadded 2013/01/04 10:55 p.m.22 views

Default credentials

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file...

2.1CVSS6.8AI score0.00082EPSS
Exploits0References6Affected Software1
Prion
Prionadded 2013/01/04 10:55 p.m.20 views

Default configuration

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files...

2.1CVSS6.6AI score0.00082EPSS
Exploits0References7Affected Software1
Prion
Prionadded 2013/01/04 10:55 p.m.19 views

Code injection

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log...

3.3CVSS6.6AI score0.00191EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2013/01/04 10:0 p.m.62 views

CVE-2012-4574

CVE-2012-4574 affects Red Hat CloudForms with the Pulp component. The issue arises because the Pulp configuration file, pulp.conf, was installed with world-readable permissions, allowing local users to read the administrative password. The RHSA-2012:1543 update for CloudForms System Engine 1.1 fi...

2.1CVSS6.3AI score0.00082EPSS
Exploits0References6Affected Software1
CVE
CVEadded 2013/01/04 10:0 p.m.55 views

CVE-2012-3538

CVE-2012-3538 affects Red Hat CloudForms (System Engine) 1.1 and is caused by Pulp logging administrative passwords to a world-readable log file (production.log). This local, file-based disclosure allows a user with access to the log to read administrative credentials and potentially take control...

3.3CVSS6.1AI score0.00191EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2013/01/04 10:0 p.m.25 views

CVE-2012-5605

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files...

6.1AI score0.00082EPSS
Exploits0References7
Cvelist
Cvelistadded 2013/01/04 10:0 p.m.24 views

CVE-2012-5603

proxiescontroller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system...

6.2AI score0.00253EPSS
Exploits0References8
Cvelist
Cvelistadded 2013/01/04 10:0 p.m.22 views

CVE-2012-4574

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file...

6.2AI score0.00082EPSS
Exploits0References6
CVE
CVEadded 2013/01/04 10:0 p.m.59 views

CVE-2012-5603

CVE-2012-5603 affects Red Hat CloudForms (Katello component) prior to CloudForms 1.1. The issue is an insufficient permission check in proxies_controller.rb, enabling an authenticated remote attacker to read consumer certificates or alter other users’ settings by abusing the target system UUID. T...

5.5CVSS6.2AI score0.00253EPSS
Exploits0References8Affected Software1
CVE
CVEadded 2013/01/04 10:0 p.m.57 views

CVE-2012-5605

CVE-2012-5605 affects Red Hat CloudForms System Engine prior to version 1.1. The issue arises from grinder cache in /var/lib/pulp/cache/grinder/ using world-writable permissions, enabling local attackers to read or modify grinder cache files. The RHSA-2012:1543 advisory documents this vulnerabili...

2.1CVSS6.2AI score0.00082EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2013/01/04 10:0 p.m.24 views

CVE-2012-3538

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log...

6.1AI score0.00191EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2012/12/04 7:32 p.m.54 views

Important: Red Hat Security Advisory: CloudForms System Engine 1.1 update

Updated CloudForms System Engine packages that fix multiple security issues, several bugs, and add enhancements are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

5.5CVSS6AI score0.00253EPSS
Exploits0References232
RedHat Linux
RedHat Linuxadded 2012/12/04 7:32 p.m.0 views

grinder: /var/lib/pulp/cache/grinder directory is world-writeable

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files...

2.1CVSS5.8AI score0.00082EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2012/12/04 7:32 p.m.3 views

pulp /etc/pulp/pulp.conf world readable, contains default admin password

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file...

2.1CVSS5.8AI score0.00082EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2012/12/04 7:24 p.m.2 views

Moderate: Red Hat Security Advisory: CloudForms Commons 1.1 security update

Updated CloudForms Commons packages that fix several security issues are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each...

7.5CVSS7AI score0.03667EPSS
Exploits14References16
Rows per page
Query Builder