CVE-2020-10783 – CloudForms: Missing access control leads to escalation of admin group privileges
https://notcve.org/view.php?id=CVE-2020-10783
Red Hat CloudForms 4.7 and 5 are affected by a role-based privilege escalation flaw. An attacker in the EVM-Operator group can perform actions restricted to the EVM-Super-administrator group, which leads to exporting or importing administrator files. A role-based privilege escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker in the EVM-Operator group can perform actions restricted only to the system administrator. Refer to CVE-2020-25716 for the remaining RBAC group fixes.
• https://access.redhat.com/security/cve/cve-2020-10783 https://bugzilla.redhat.com/show_bug.cgi?id=1847811 https://access.redhat.com/security/cve/CVE-2020-10783
• CWE-284: Improper Access Control
CVE-2020-10778 – CloudForms: Business logic bypass through widgets
https://notcve.org/view.php?id=CVE-2020-10778
In Red Hat CloudForms 4.7 and 5, read-only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields, since there is no server-side validation. This business logic flaw violates the expected behavior. A business logic flaw was found in Red Hat CloudForms where the read-only values of the widgets could be altered. An attacker with low privileges could bypass server-side validation by dropping the disabled attribute from the fields.
• https://access.redhat.com/security/cve/cve-2020-10778 https://bugzilla.redhat.com/show_bug.cgi?id=1847628 https://access.redhat.com/security/cve/CVE-2020-10778
• CWE-669: Incorrect Resource Transfer Between Spheres; CWE-863: Incorrect Authorization
CVE-2014-0197 – CFME: CSRF protection vulnerability in referrer header
https://notcve.org/view.php?id=CVE-2014-0197
CFME: CSRF protection vulnerability via a permissive check of the referrer header.
• https://access.redhat.com/security/cve/cve-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0197 https://access.redhat.com/security/cve/CVE-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=1092875
• CWE-285: Improper Authorization; CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2013-4423
https://notcve.org/view.php?id=CVE-2013-4423
CloudForms stores user passwords in a recoverable format.
• https://access.redhat.com/security/cve/cve-2013-4423 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4423
• CWE-522: Insufficiently Protected Credentials
CVE-2013-0186 – EVM: Stored XSS
https://notcve.org/view.php?id=CVE-2013-0186
Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
• https://access.redhat.com/errata/RHSA-2014:0215 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0186 https://access.redhat.com/security/cve/CVE-2013-0186 https://bugzilla.redhat.com/show_bug.cgi?id=895346
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')