CVE-2014-0057 – CFME: Dangerous send in ServiceController
https://notcve.org/view.php?id=CVE-2014-0057
The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors. El método x_button en el controlador de servicio (vmdb/app/controllers/service_controller.rb) en Red Hat CloudForms 3.0 Management Engine 5.2 permite a atacantes remotos ejecutar métodos arbitrarios a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2014-0215.html http://secunia.com/advisories/57376 https://bugzilla.redhat.com/show_bug.cgi?id=1064140 https://access.redhat.com/security/cve/CVE-2014-0057 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVE-2014-0081 – rubygem-actionpack: number_to_currency, number_to_percentage and number_to_human XSS vulnerability
https://notcve.org/view.php?id=CVE-2014-0081
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper. Múltiples vulnerabilidades de XSS en actionview/lib/action_view/helpers/number_helper.rb en Ruby on Rails anterior a 3.2.17, 4.0.x anterior a 4.0.3 y 4.1.x anterior a 4.1.0.beta2 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a través del parámetro (1) format, (2) negative_format, o (3) units hacia la ayuda de (a) number_to_currency, (b) number_to_percentage, o (c) number_to_human. • http://lists.opensuse.org/opensuse-updates/2014-02/msg00081.html http://openwall.com/lists/oss-security/2014/02/18/8 http://rhn.redhat.com/errata/RHSA-2014-0215.html http://rhn.redhat.com/errata/RHSA-2014-0306.html http://secunia.com/advisories/57376 http://www.securityfocus.com/bid/65647 http://www.securitytracker.com/id/1029782 https://groups.google.com/forum/message/raw?msg=rubyonrails-security/tfp6gZCtzr4/j8LUHmu7fIEJ https://access.redhat.com/security/cve/CVE-2014-0081 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-6443 – CFME: GET request CSRF vulnerability
https://notcve.org/view.php?id=CVE-2013-6443
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request. CloudForms 3.0 Management Engine anterior a la versión 5.2.1.6 permite a atacantes remotos evadir el mecanismo protect_from_forgery de Ruby on Rails y llevar a cabo ataques de CSRF a través de una acción destructiva en una petición. • http://rhn.redhat.com/errata/RHSA-2014-0025.html http://www.securitytracker.com/id/1029606 https://access.redhat.com/security/cve/CVE-2013-6443 https://bugzilla.redhat.com/show_bug.cgi?id=1044178 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2012-5604
https://notcve.org/view.php?id=CVE-2012-5604
The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. La gema ldap_fluff para Ruby, tal y como se emplea en Red Hat CloudForms 1.1, cuando se emplea Active Directory para la autenticación, permite que atacantes remotos omitan la autenticación mediante vectores sin especificar. • http://rhn.redhat.com/errata/RHSA-2013-0544.html https://bugzilla.redhat.com/show_bug.cgi?id=882136 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-4574 – pulp /etc/pulp/pulp.conf world readable, contains default admin password
https://notcve.org/view.php?id=CVE-2012-4574
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file. Pulp en Red Hat CloudForms anteriores a v1.1 usa permisos "world-readable" en pulp.conf, lo que permite a usuarios locales a leer las contraseñas administrativas leyendo este fichero. • http://osvdb.org/88138 http://rhn.redhat.com/errata/RHSA-2012-1543.html http://secunia.com/advisories/51472 http://www.securityfocus.com/bid/56819 https://bugzilla.redhat.com/show_bug.cgi?id=872487 https://exchange.xforce.ibmcloud.com/vulnerabilities/80548 https://access.redhat.com/security/cve/CVE-2012-4574 • CWE-255: Credentials Management Errors •