Lucene search

RedhatCloudforms

57 matches found

added 2013/01/04 10:55 p.m., 47 views

CVE-2012-5605

Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.

CVSS 2.1 | AI score 6.2 | EPSS 0.00082

added 2019/11/04 1:15 p.m., 47 views

CVE-2013-4423

CloudForms stores user passwords in recoverable format

CVSS 5.5 | AI score 5.5 | EPSS 0.00104

added 2022/07/06 8:15 p.m., 47 views

CVE-2014-8164

An insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.

CVSS 9.1 | AI score 9.1 | EPSS 0.00135

added 2013/01/04 10:55 p.m., 46 views

CVE-2012-3538

Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.

CVSS 3.3 | AI score 6.1 | EPSS 0.00191

added 2018/07/27 6:29 p.m., 45 views

CVE-2017-2653

A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-s...

CVSS 6.5 | AI score 6.1 | EPSS 0.00454

added 2016/04/11 9:59 p.m., 44 views

CVE-2015-7502

Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to (1) database expor...

CVSS 5.1 | AI score 5.2 | EPSS 0.00061

added 2017/06/08 6:29 p.m., 41 views

CVE-2016-4471

ManageIQ in CloudForms before 4.1 allows remote authenticated users to execute arbitrary code.

CVSS 8.8 | AI score 8.6 | EPSS 0.01639

Total number of security vulnerabilities: 57