CVE-2016-7071 – CFME: bypass authorization by altering VM ID
https://notcve.org/view.php?id=CVE-2016-7071
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM. Se ha descubierto que CloudForms en versiones anteriores a la 5.6.2.2 y versiones 5.7.0.7 no aplicó correctamente controles de permisos a los ID de las máquinas virtuales pasados por los usuarios. Un atacante autenticado remoto podría emplear este error para ejecutar máquinas virtuales en sistemas gestionados por CloudForms si conoce el ID de la máquina It was found that the CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM. • http://rhn.redhat.com/errata/RHSA-2016-2091.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071 https://access.redhat.com/security/cve/CVE-2016-7071 https://bugzilla.redhat.com/show_bug.cgi?id=1383124 • CWE-285: Improper Authorization •
CVE-2016-7040 – cfme: Incorrect sanitization in regular expression engine
https://notcve.org/view.php?id=CVE-2016-7040
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections. Red Hat CloudForms Management Engine 4.1 no maneja adecuadamente expresiones regulares pasadas al motor de expresión a través de la API JSON y la interfaz de usuario basada en web, lo que permite a usuarios remotos autenticados ejecutar comandos shell arbitrarios aprovechando la capacidad de ver y filtrar colecciones. An input validation flaw was found in the way CloudForms regular expressions were passed to the expression engine via both the JSON API and the web based UI. A user with the ability to view collections and filter them could use this flaw to execute arbitrary shell commands on the host with the privileges of the CloudForms process. • http://rhn.redhat.com/errata/RHSA-2016-1996.html http://www.securityfocus.com/bid/93893 https://access.redhat.com/security/cve/CVE-2016-7040 https://bugzilla.redhat.com/show_bug.cgi?id=1375089 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVE-2016-5383 – CloudForms: Lack of field filters on user input
https://notcve.org/view.php?id=CVE-2016-5383
The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters." La web UI en Red hat CloudForms 4.1 permite a usuarios remotos autenticados ejecutar un código arbitrario a través de vectores relacionados con "falta de filtros de campo". It was found that the CloudForms web UI did not properly filter input in certain fields. A remote, authenticated attacker could use this flaw to execute arbitrary code on the system running CloudForms. • http://rhn.redhat.com/errata/RHSA-2016-1634.html http://www.securityfocus.com/bid/92585 https://access.redhat.com/security/cve/CVE-2016-5383 https://bugzilla.redhat.com/show_bug.cgi?id=1353722 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •