CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2018-11627 – rubygem-sinatra: XSS in the 400 Bad Request page
https://notcve.org/view.php?id=CVE-2018-11627
31 May 2018 — Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Sinatra en versiones anteriores a la 2.0.2 tiene Cross-Site Scripting (XSS) a través de la página 400 Bad Request que se produce en una excepción del analizador de parámetros. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller fram... • https://access.redhat.com/errata/RHSA-2019:0212 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1104 – ansible-tower: Remote code execution by users with access to define variables in job templates
https://notcve.org/view.php?id=CVE-2018-1104
02 May 2018 — Ansible Tower through version 3.2.3 has a vulnerability that allows users only with access to define variables for a job template to execute arbitrary code on the Tower server. Ansible Tower hasta la versión 3.2.3 tiene una vulnerabilidad que permite que usuarios que solo tienen acceso para definir variables para una plantilla de trabajo ejecuten código arbitrario en el servidor Tower. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of mana... • https://access.redhat.com/errata/RHSA-2018:1328 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1101 – ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges
https://notcve.org/view.php?id=CVE-2018-1101
02 May 2018 — Ansible Tower before version 3.2.4 has a flaw in the management of system and organization administrators that allows for privilege escalation. System administrators that are members of organizations can have their passwords reset by organization administrators, allowing organization administrators access to the entire system. Ansible Tower en versiones anteriores a la 3.2.4 tiene un error en la gestión de administradores de sistema y organización que permite el escalado de privilegios. Los administradores ... • https://access.redhat.com/errata/RHSA-2018:1328 • CWE-266: Incorrect Privilege Assignment CWE-521: Weak Password Requirements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2013-2049
https://notcve.org/view.php?id=CVE-2013-2049
01 May 2018 — Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret. Red Hat CloudForms 2 Management Engine (CFME) permite que atacantes remotos lleven a cabo ataques de falsificación de sesión aprovechando el uso de un secreto estático secret_token.rb. • https://bugzilla.redhat.com/show_bug.cgi?id=959041 • CWE-384: Session Fixation •
CVSS: 9.8EPSS: 22%CPEs: 23EXPL: 5CVE-2018-7750 – Paramiko 2.4.1 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-7750
13 Mar 2018 — transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. transport.py en la implementación del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x ante... • https://packetstorm.news/files/id/150020 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 80%CPEs: 9EXPL: 0CVE-2018-1058 – postgresql: Uncontrolled search path element in pg_dump and other client applications
https://notcve.org/view.php?id=CVE-2018-1058
02 Mar 2018 — A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected. Se ha encontrado un error en la forma en la que Postgresql permitía que un usuario modificase el comportamiento de una consulta para otros usuarios. Un atacante con una cuenta de usuario podría emplear este error para ejecutar código con permisos de ... • http://www.securityfocus.com/bid/103221 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15125 – cloudforms: XSS in self-service UI snapshot feature
https://notcve.org/view.php?id=CVE-2017-15125
01 Mar 2018 — A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Please note that CSP (Content Security Policy) prevents exploitation of this XSS however not all browsers support CSP. Se ha encontrado un fallo en CloudForms en versiones anteriores a la 5.9.0.22 en la función de instantánea de la in... • http://www.securityfocus.com/bid/102287 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12191 – CFME: VMRC plugin console grants users administrative access
https://notcve.org/view.php?id=CVE-2017-12191
28 Feb 2018 — A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to. Se ha encontrado un error en la configuración de cuentas CloudForms al emplear VMware. P... • https://access.redhat.com/errata/RHSA-2018:0374 • CWE-284: Improper Access Control CWE-613: Insufficient Session Expiration •
CVSS: 7.0EPSS: 0%CPEs: 11EXPL: 0CVE-2018-1053 – postgresql: pg_upgrade creates file of sensitive metadata under prevailing umask
https://notcve.org/view.php?id=CVE-2018-1053
09 Feb 2018 — In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_dumpall -g` under umask which was in effect when the user invoked pg_upgrade, and not under 0077 which is normally used for other temporary files. This can allow an authenticated attacker to read or modify the one file, which may contain encrypted or unencrypted database passwords. The attack is infeasible if a... • http://www.securityfocus.com/bid/102986 • CWE-377: Insecure Temporary File CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0087 – CFME: check_privileges logic error resulting in privilege escalation
https://notcve.org/view.php?id=CVE-2014-0087
11 Jan 2018 — The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbac_user_edit action. El método check_privileges en vmdb/app/controllers/application_controller.rb en ManageIQ, tal y como se emplea en Red Hat CloudForms Management Engine (CFME), permite que usuarios autenticados remotos omitan la ... • https://bugzilla.redhat.com/show_bug.cgi?id=1067623 • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •