Known Vulnerabilities for Cloudforms by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Cloudforms" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-25716 | A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is poss... | 8.1 - HIGH | 2021-06-07 | 2023-11-07 |
| CVE-2020-14369 | This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execu... | 6.3 - MEDIUM | 2020-12-02 | 2020-12-04 |
| CVE-2020-14325 | Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacke... | 9.1 - CRITICAL | 2020-08-11 | 2021-07-21 |
| CVE-2020-10783 | Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can p... | 8.3 - HIGH | 2020-08-11 | 2021-07-21 |
| CVE-2020-10779 | Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due... | 6.5 - MEDIUM | 2020-08-11 | 2021-07-21 |
| CVE-2020-10778 | In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attrib... | 6 - MEDIUM | 2020-08-11 | 2021-07-21 |
| CVE-2020-10777 | A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw... | 5.4 - MEDIUM | 2020-08-11 | 2020-08-12 |
| CVE-2019-10159 | cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in... | 4.3 - MEDIUM | 2019-06-14 | 2023-02-12 |
| CVE-2019-5419 | There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where spec... | 7.5 - HIGH | 2019-03-27 | 2023-11-07 |
| CVE-2019-5418 | There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where speciall... | 7.5 - HIGH | 2019-03-27 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Cloudforms | 5.9 | All | All | All |
| Application | Redhat | Cloudforms | 5.11.7.0 | All | All | All |
| Application | Redhat | Cloudforms | 5.11 | All | All | All |
| Application | Redhat | Cloudforms | 5.10 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.7 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.6 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.5 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.4 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.3 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.2 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.1 | All | All | All |
| Application | Redhat | Cloudforms | 5.0.0 | All | All | All |
| Application | Redhat | Cloudforms | 4.7 | All | All | All |
| Application | Redhat | Cloudforms | 4.6 | All | All | All |
| Application | Redhat | Cloudforms | 4.5 | All | All | All |
| Application | Redhat | Cloudforms | 4.2 | All | All | All |
| Application | Redhat | Cloudforms | 4.1 | All | All | All |
| Application | Redhat | Cloudforms | 4.0 | All | All | All |
| Application | Redhat | Cloudforms | 3.2 | All | All | All |
| Application | Redhat | Cloudforms | 3.0 | All | All | All |