4 matches found
CVE-2017-7497
The dialog for creating cloud volumes cinder provider in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant...
CVE-2017-7497
CVE-2017-7497 affects Red Hat CloudForms (CloudForms Management Engine) where the dialog for creating cloud volumes (cinder provider) fails to filter cloud tenants by user. The underlying issue allows an attacker who can create storage volumes to allocate volumes for other tenants, enabling unaut...
Important: Red Hat Security Advisory: CFME 5.7.3 security, bug fix and enhancement update
Updates for cfme, cfme-appliance, cfme-gemset, rh-ruby23-rubygem-nokogiri, and rh-ruby23-rubygem-ovirt-engine-sdk4 are now available for CloudForms Management Engine 5.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...
CVE-2017-7497
The dialog for creating cloud volumes cinder provider in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant...