Known Vulnerabilities for Cloudforms by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Cloudforms" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-25716 json | A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is poss... | 8.1 - HIGH | 2021-06-07 | 2023-11-07 |
| CVE-2020-14369 json | This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execu... | 6.3 - MEDIUM | 2020-12-02 | 2020-12-04 |
| CVE-2020-14325 json | Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacke... | 9.1 - CRITICAL | 2020-08-11 | 2021-07-21 |
| CVE-2020-10783 json | Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can p... | 8.3 - HIGH | 2020-08-11 | 2021-07-21 |
| CVE-2020-10779 json | Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due... | 6.5 - MEDIUM | 2020-08-11 | 2021-07-21 |
| CVE-2020-10778 json | In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attrib... | 6 - MEDIUM | 2020-08-11 | 2021-07-21 |
| CVE-2020-10777 json | A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw... | 5.4 - MEDIUM | 2020-08-11 | 2020-08-12 |
| CVE-2019-16892 json | In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompres... | 5.5 - MEDIUM | 2019-09-25 | 2023-12-28 |
| CVE-2019-11358 json | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of ... | 6.1 - MEDIUM | 2019-04-20 | 2023-11-07 |
| CVE-2019-10159 json | cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in... | 4.3 - MEDIUM | 2019-06-14 | 2023-02-12 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Cloudforms | 5.9 | |||
| Application | Redhat | Cloudforms | 5.11.7.0 | |||
| Application | Redhat | Cloudforms | 5.11 | |||
| Application | Redhat | Cloudforms | 5.10 | |||
| Application | Redhat | Cloudforms | 5.0.7 | |||
| Application | Redhat | Cloudforms | 5.0.6 | |||
| Application | Redhat | Cloudforms | 5.0.5 | |||
| Application | Redhat | Cloudforms | 5.0.4 | |||
| Application | Redhat | Cloudforms | 5.0.3 | |||
| Application | Redhat | Cloudforms | 5.0.2 | |||
| Application | Redhat | Cloudforms | 5.0.1 | |||
| Application | Redhat | Cloudforms | 5.0.0 | |||
| Application | Redhat | Cloudforms | 4.7 | |||
| Application | Redhat | Cloudforms | 4.6 | |||
| Application | Redhat | Cloudforms | 4.5 | |||
| Application | Redhat | Cloudforms | 4.2 | |||
| Application | Redhat | Cloudforms | 4.1 | |||
| Application | Redhat | Cloudforms | 4.0 | |||
| Application | Redhat | Cloudforms | 3.2 | |||
| Application | Redhat | Cloudforms | 3.0 |