Known Vulnerabilities for Cloudforms Management Engine by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Cloudforms Management Engine" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-14324 json | A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS comm... | 9.1 - CRITICAL | 2020-08-11 | 2020-08-13 |
| CVE-2020-14296 json | Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower ... | 7.1 - HIGH | 2020-08-11 | 2020-08-12 |
| CVE-2020-10780 json | Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV a... | 6.3 - MEDIUM | 2020-08-11 | 2021-07-21 |
| CVE-2020-1740 json | A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault ... | 4.7 - MEDIUM | 2020-03-16 | 2023-11-07 |
| CVE-2020-1739 json | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "... | 3.9 - LOW | 2020-03-12 | 2023-11-07 |
| CVE-2020-1738 json | A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a ... | 3.9 - LOW | 2020-03-16 | 2023-11-07 |
| CVE-2020-1736 json | A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. Thi... | 3.3 - LOW | 2020-03-16 | 2023-11-07 |
| CVE-2020-1735 json | A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new pa... | 4.6 - MEDIUM | 2020-03-16 | 2023-11-07 |
| CVE-2020-1733 json | A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook ... | 5 - MEDIUM | 2020-03-11 | 2023-11-07 |
| CVE-2019-14905 json | A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier,... | 5.6 - MEDIUM | 2020-03-31 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Cloudforms Management Engine | 5.9.3.1 | |||
| Application | Redhat | Cloudforms Management Engine | 5.9 | |||
| Application | Redhat | Cloudforms Management Engine | 5.8.1.2 | |||
| Application | Redhat | Cloudforms Management Engine | 5.8.1 | |||
| Application | Redhat | Cloudforms Management Engine | 5.8.0 | |||
| Application | Redhat | Cloudforms Management Engine | 5.8 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.3.1 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.3 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.2.1 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.2 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.1.3 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.1 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7.0 | |||
| Application | Redhat | Cloudforms Management Engine | 5.7 | |||
| Application | Redhat | Cloudforms Management Engine | 5.6.3.0 | |||
| Application | Redhat | Cloudforms Management Engine | 5.6.3 | |||
| Application | Redhat | Cloudforms Management Engine | 5.6 | |||
| Application | Redhat | Cloudforms Management Engine | 5.5.0 | |||
| Application | Redhat | Cloudforms Management Engine | 5.4.4 | |||
| Application | Redhat | Cloudforms Management Engine | 5.3 |