
CVSS: 8.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

Red Hat CloudForms 4.7 and 5 are affected by a role-based privilege escalation flaw. An attacker in the EVM-Operator group can perform actions restricted to the EVM-Super-administrator group, which leads to exporting or importing administrator files. A role-based privilege escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker in the EVM-Operator group can perform actions restricted only to the system administrator. Refer to CVE-2020-25716 for the remaining RBAC group fixes.
• https://access.redhat.com/security/cve/cve-2020-10783 https://bugzilla.redhat.com/show_bug.cgi?id=1847811 https://access.redhat.com/security/cve/CVE-2020-10783 • CWE-284: Improper Access Control •

CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

In Red Hat CloudForms 4.7 and 5, read-only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields, since there is no server-side validation. This business logic flaw violates the expected behavior. A business logic flaw was found in Red Hat CloudForms where the read-only values of the widgets could be altered. An attacker with low privileges could bypass server-side validation by dropping the disabled attribute from the fields.
• https://access.redhat.com/security/cve/cve-2020-10778 https://bugzilla.redhat.com/show_bug.cgi?id=1847628 https://access.redhat.com/security/cve/CVE-2020-10778 • CWE-669: Incorrect Resource Transfer Between Spheres CWE-863: Incorrect Authorization •

CVSS: 7.1 • EPSS: 0% • CPEs: 6 • EXPL: 1

In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because the data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption). A vulnerability in Rubyzip, versions prior to 1.3.0, allows a crafted ZIP file to bypass application checks on ZIP entry sizes.
• https://access.redhat.com/errata/RHBA-2019:4047 https://access.redhat.com/errata/RHSA-2019:4201 https://github.com/rubyzip/rubyzip/commit/d65fe7bd283ec94f9d6dc7605f61a6b0dd00f55e https://github.com/rubyzip/rubyzip/pull/403 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J45KSFPP6DFVWLC7Z73L7SX735CKZYO6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWWPORMSBHZTMP4PGF4DQD22TTKBQMMC https://lists.fedoraproject.org/archives/list/package-announce%40l • CWE-400: Uncontrolled Resource Consumption •