CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5402 – cfme: RCE via Capacity & Utilization feature
https://notcve.org/view.php?id=CVE-2016-5402
A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as. Se ha encontrado un error de inyección de código en la forma en la que se procesan los archivos de control de capacidad y utilización importados. Un atacante autenticado remoto con acceso a la característica de capacidad y utilización podría emplear este error para ejecutar código arbitrario como el usuario como el que se ejecuta CFME. • http://rhn.redhat.com/errata/RHSA-2016-2839.html http://www.securityfocus.com/bid/94612 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5402 https://access.redhat.com/security/cve/CVE-2016-5402 https://bugzilla.redhat.com/show_bug.cgi?id=1357559 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-7071 – CFME: bypass authorization by altering VM ID
https://notcve.org/view.php?id=CVE-2016-7071
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM. Se ha descubierto que CloudForms en versiones anteriores a la 5.6.2.2 y versiones 5.7.0.7 no aplicó correctamente controles de permisos a los ID de las máquinas virtuales pasados por los usuarios. Un atacante autenticado remoto podría emplear este error para ejecutar máquinas virtuales en sistemas gestionados por CloudForms si conoce el ID de la máquina It was found that the CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM. • http://rhn.redhat.com/errata/RHSA-2016-2091.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071 https://access.redhat.com/security/cve/CVE-2016-7071 https://bugzilla.redhat.com/show_bug.cgi?id=1383124 • CWE-285: Improper Authorization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7040 – cfme: Incorrect sanitization in regular expression engine
https://notcve.org/view.php?id=CVE-2016-7040
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections. Red Hat CloudForms Management Engine 4.1 no maneja adecuadamente expresiones regulares pasadas al motor de expresión a través de la API JSON y la interfaz de usuario basada en web, lo que permite a usuarios remotos autenticados ejecutar comandos shell arbitrarios aprovechando la capacidad de ver y filtrar colecciones. An input validation flaw was found in the way CloudForms regular expressions were passed to the expression engine via both the JSON API and the web based UI. A user with the ability to view collections and filter them could use this flaw to execute arbitrary shell commands on the host with the privileges of the CloudForms process. • http://rhn.redhat.com/errata/RHSA-2016-1996.html http://www.securityfocus.com/bid/93893 https://access.redhat.com/security/cve/CVE-2016-7040 https://bugzilla.redhat.com/show_bug.cgi?id=1375089 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7502 – CloudForms: insecure password storage in PostgreSQL database
https://notcve.org/view.php?id=CVE-2015-7502
Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to (1) database exports or (2) log files. Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 y CloudForms 4.0 Management Engine (CFME) 5.5.0 no cifra correctamente datos en el backend de base de datos PostgreSQL, lo que podría permitir a usuarios locales obtener datos sensibles y consecuentemente obtener privilegios aprovechándose del acceso a (1) exportaciones de base de datos o (2) archivos de registro. A privilege escalation flaw was discovered in CloudForms, where in certain situations, CloudForms could read encrypted data from the database and then write decrypted data back into the database. If the database was then exported or log files generated, a local attacker might be able to gain access to sensitive information. • http://rhn.redhat.com/errata/RHSA-2015-2620.html https://access.redhat.com/errata/RHSA-2015:2551 https://bugzilla.redhat.com/show_bug.cgi?id=1283019 https://access.redhat.com/security/cve/CVE-2015-7502 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2012-6685 – rubygem-nokogiri: XML eXternal Entity (XXE) flaw
https://notcve.org/view.php?id=CVE-2012-6685
Nokogiri before 1.5.4 is vulnerable to XXE attacks Nokogiri versiones anteriores a 1.5.4, es vulnerable a ataques de tipo XXE. • https://bugzilla.redhat.com/show_bug.cgi?id=1178970 https://github.com/sparklemotion/nokogiri/issues/693 https://nokogiri.org/CHANGELOG.html#154-2012-06-12 https://access.redhat.com/security/cve/CVE-2012-6685 • CWE-611: Improper Restriction of XML External Entity Reference CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •