2 matches found
CVE-2014-0087
The checkprivileges method in vmdb/app/controllers/applicationcontroller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine CFME, allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbacuseredit action...
CVE-2014-0087
Affected product: ManageIQ / Red Hat CloudForms Management Engine (CFME). Issue: The check_privileges method in vmdb/app/controllers/application_controller.rb allows remote authenticated users to bypass authorization by exploiting improper RBAC checking, specifically related to the rbac_user_edit...