CVE-2020-14324 – CloudForms: Out-of-band OS Command Injection through conversion host
https://notcve.org/view.php?id=CVE-2020-14324
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS command injection vulnerability can be exploited by authenticated attacker while setuping conversion host through Infrastructure Migration Solution. This flaw allows attacker to execute arbitrary commands on CloudForms server. Se encontró una vulnerabilidad de alta gravedad en todas las versiones activas de Red Hat CloudForms versiones anteriores a 5.11.7.0. La vulnerabilidad de inyección de comandos del Sistema Operativo fuera de banda puede ser explotada por parte de un atacante autenticado mientras configura el host de conversión por medio de Infrastructure Migration Solution. • https://access.redhat.com/security/cve/cve-2020-14324 https://bugzilla.redhat.com/show_bug.cgi?id=1855713 https://access.redhat.com/security/cve/CVE-2020-14324 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2014-0197 – CFME: CSRF protection vulnerability in referrer header
https://notcve.org/view.php?id=CVE-2014-0197
CFME: CSRF protection vulnerability via permissive check of the referrer header CFME: una vulnerabilidad de la protección CSRF mediante una comprobación permisiva del encabezado de referencia. • https://access.redhat.com/security/cve/cve-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0197 https://access.redhat.com/security/cve/CVE-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=1092875 • CWE-285: Improper Authorization CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2018-10854 – cloudforms: stored cross-site scripting in Name field
https://notcve.org/view.php?id=CVE-2018-10854
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. La versión de Cloudforms, Cloudforms versión 5.8 y Cloudforms versión 5.9, son vulnerables a un ataque de tipo cross-site-scripting. Se encontró un fallo en la funcionalidad de eliminación de mapeo de infraestructura v2v de CloudForms. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854 https://access.redhat.com/security/cve/CVE-2018-10854 https://bugzilla.redhat.com/show_bug.cgi?id=1590538 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-15125 – cloudforms: XSS in self-service UI snapshot feature
https://notcve.org/view.php?id=CVE-2017-15125
A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Please note that CSP (Content Security Policy) prevents exploitation of this XSS however not all browsers support CSP. Se ha encontrado un fallo en CloudForms en versiones anteriores a la 5.9.0.22 en la función de instantánea de la interfaz de usuario de autoservicio, donde el campo de nombre no está correctamente saneado para la entrada de código HTML y JavaScript. Un atacante podría aprovechar este fallo para ejecutar un ataque de Cross-Site Scripting (XSS) persistente en un administrador de aplicaciones que emplee CloudForms. • http://www.securityfocus.com/bid/102287 https://access.redhat.com/errata/RHSA-2018:0380 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15125 https://access.redhat.com/security/cve/CVE-2017-15125 https://bugzilla.redhat.com/show_bug.cgi?id=1517396 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-0087 – CFME: check_privileges logic error resulting in privilege escalation
https://notcve.org/view.php?id=CVE-2014-0087
The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbac_user_edit action. El método check_privileges en vmdb/app/controllers/application_controller.rb en ManageIQ, tal y como se emplea en Red Hat CloudForms Management Engine (CFME), permite que usuarios autenticados remotos omitan la autorización y obtengan privilegios aprovechando una comprobación RBAC indebida, relacionada con la acción rbac_user_edit. • https://bugzilla.redhat.com/show_bug.cgi?id=1067623 https://github.com/ManageIQ/manageiq/issues/1581 https://access.redhat.com/security/cve/CVE-2014-0087 • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •