9 matches found
EUVD-2020-18370
Malware in sbrugna...
Design/Logic Flaw
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...
Important: Red Hat Security Advisory: CloudForms 5.0.10 security, bug fix and enhancement update
An update is now available for CloudForms Management Engine 5.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Cloudforms: Incomplete fix for CVE-2020-10783
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...
CVE-2020-25716
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...
Critical: Red Hat Security Advisory: CloudForms 4.7.16 security, bug fix and enhancement update
An update is now available for CloudForms Management Engine 5.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
CVE-2020-10783
Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can perform actions restricted only to EVM-Super-administrator group, leads to, exporting or importing administrator files...
CVE-2020-10783
CVE-2020-10783 affects Red Hat CloudForms Management Engine (CFME) 4.7/5.0.x; a role-based privilege escalation allowed an attacker with a specific group (EVM-Operator) to perform actions reserved for higher-privileged roles (EVM-Super-administrator), including exporting/importing administrator f...
CVE-2020-10783
A role-based privileges escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker with EVM-Operator group can perform actions restricted only to system administrator. Refer CVE-2020-25716 for remaining RBAC group fixes. Mitigation Red...