CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2018-11627 – rubygem-sinatra: XSS in the 400 Bad Request page
https://notcve.org/view.php?id=CVE-2018-11627
31 May 2018 — Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Sinatra en versiones anteriores a la 2.0.2 tiene Cross-Site Scripting (XSS) a través de la página 400 Bad Request que se produce en una excepción del analizador de parámetros. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller fram... • https://access.redhat.com/errata/RHSA-2019:0212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1104 – ansible-tower: Remote code execution by users with access to define variables in job templates
https://notcve.org/view.php?id=CVE-2018-1104
02 May 2018 — Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server. Ansible Tower hasta la versión 3.2.3 tiene una vulnerabilidad que permite que usuarios que solo tienen acceso para definir variables para una plantilla de trabajo ejecuten código arbitrario en el servidor Tower. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of mana... • https://access.redhat.com/errata/RHSA-2018:1328 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1101 – ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges
https://notcve.org/view.php?id=CVE-2018-1101
02 May 2018 — Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system. Ansible Tower en versiones anteriores a la 3.2.4 tiene un error en la gestión de administradores de sistema y organización que permite el escalado de privilegios. Los administradores ... • https://access.redhat.com/errata/RHSA-2018:1328 • CWE-266: Incorrect Privilege Assignment CWE-521: Weak Password Requirements •
CVSS: 9.8EPSS: 22%CPEs: 23EXPL: 5CVE-2018-7750 – Paramiko 2.4.1 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-7750
13 Mar 2018 — transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. transport.py en la implementación del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x ante... • https://packetstorm.news/files/id/150020 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 80%CPEs: 9EXPL: 0CVE-2018-1058 – postgresql: Uncontrolled search path element in pg_dump and other client applications
https://notcve.org/view.php?id=CVE-2018-1058
02 Mar 2018 — A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected. Se ha encontrado un error en la forma en la que Postgresql permitía que un usuario modificase el comportamiento de una consulta para otros usuarios. Un atacante con una cuenta de usuario podría emplear este error para ejecutar código con permisos de ... • http://www.securityfocus.com/bid/103221 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12191 – CFME: VMRC plugin console grants users administrative access
https://notcve.org/view.php?id=CVE-2017-12191
28 Feb 2018 — A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to. Se ha encontrado un error en la configuración de cuentas CloudForms al emplear VMware. P... • https://access.redhat.com/errata/RHSA-2018:0374 • CWE-284: Improper Access Control CWE-613: Insufficient Session Expiration •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0CVE-2018-1053 – postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask
https://notcve.org/view.php?id=CVE-2018-1053
09 Feb 2018 — In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a... • http://www.securityfocus.com/bid/102986 • CWE-377: Insecure Temporary File CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2017-12148 – Tower: modification of git hooks in SCM repo via upstream playbook execution
https://notcve.org/view.php?id=CVE-2017-12148
24 Oct 2017 — A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as. Se ha encontrado un fallo e... • https://access.redhat.com/errata/RHSA-2017:3005 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 94%CPEs: 18EXPL: 4CVE-2017-11610 – Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-11610
23 Aug 2017 — The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups. El servidor XML-RPC en supervisor en versiones anteriores a la 3.0.1, 3.1.x en versiones anteriores a la 3.1.4, 3.2.x en versiones anteriores a la 3.2.4, y 3.3.x en versiones anteriores a la 3.3.3 permite que atacantes remotos autenticados ejecuten comandos ... • https://packetstorm.news/files/id/144316 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-276: Incorrect Default Permissions •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-2664 – CloudForms: lack of RBAC on various methods in web UI
https://notcve.org/view.php?id=CVE-2017-2664
03 Aug 2017 — CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges. CloudForms Management Engine (cfme) en versiones anteriores a la 5.7.3 y 5.8.x anteriores a la 5.8.1 carece de controles RBAC en determinados métodos en la parte de la aplicación rails de CloudForms. Un atacante con acceso ... • http://www.securityfocus.com/bid/100148 • CWE-284: Improper Access Control •