CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25716 – Cloudforms: Incomplete fix for CVE-2020-10783
https://notcve.org/view.php?id=CVE-2020-25716
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest threat from this vulnerability is to data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1898525 https://access.redhat.com/security/cve/CVE-2020-25716 • CWE-284: Improper Access Control CWE-285: Improper Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14369 – CloudForms: Cross Site Request Forgery in API notifications
https://notcve.org/view.php?id=CVE-2020-14369
This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. An attacker can make a forgery HTTP request to the server by crafting custom flash file which can force the user to perform state changing requests like provisioning VMs, running ansible playbooks and so forth. Esta versión corrige una vulnerabilidad de tipo Cross Site Request Forgery que se encontró en Red Hat CloudForms que forza a los usuarios finales a ejecutar acciones no deseadas en una aplicación web en la que el usuario está actualmente autenticado. Un atacante puede hacer una petición HTTP falsificada al servidor al diseñar un archivo flash personalizado que puede obligar al usuario a llevar a cabo una petición de cambio de estado, como aprovisionar máquinas virtuales, ejecutando libros de jugadas de ansible, etc • https://bugzilla.redhat.com/show_bug.cgi?id=1871921 https://access.redhat.com/security/cve/CVE-2020-14369 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10777 – CloudForms: Cross Site Scripting in report menu title / HTML Code Injection
https://notcve.org/view.php?id=CVE-2020-10777
A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Se encontró un fallo de tipo cross-site scripting en la funcionalidad Report Menu de Red Hat CloudForms versiones 4.7 y 5. Un atacante podría usar este fallo para ejecutar un ataque de tipo XSS almacenado en un administrador de aplicaciones que usa CloudForms A flaw was found in the Report Menu of Red Hat CloudForms where the title field was not properly sanitized for HTML and JavaScript inputs. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. • https://access.redhat.com/security/cve/cve-2020-10777 https://bugzilla.redhat.com/show_bug.cgi?id=1847605 https://access.redhat.com/security/cve/CVE-2020-10777 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10778 – CloudForms: Business logic bypass through widgets
https://notcve.org/view.php?id=CVE-2020-10778
In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior. En Red Hat CloudForms versiones 4.7 y 5, los widgets de solo lectura pueden ser editados inspeccionando los formularios y eliminando el atributo deshabilitado desde los campos, ya que no existe comprobación del lado del servidor. Este fallo de lógica de negocios viola el comportamiento esperado A business logic flaw was found in Red Hat CloudForms where the read-only values of the Widgets could be altered. An attacker with low privileges could bypass server-side validation by dropping the disabled attribute from the fields. • https://access.redhat.com/security/cve/cve-2020-10778 https://bugzilla.redhat.com/show_bug.cgi?id=1847628 https://access.redhat.com/security/cve/CVE-2020-10778 • CWE-669: Incorrect Resource Transfer Between Spheres CWE-863: Incorrect Authorization •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10779 – CloudForms: Missing functional level access control & IDOR lead to compromise
https://notcve.org/view.php?id=CVE-2020-10779
Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms. Red Hat CloudForms versiones 4.7 y 5, conlleva a una referencia directa a objeto no segura (IDOR) y a una omisión de control de acceso de nivel funcional debido a una falta de comprobación de privilegios. Por lo tanto, si un atacante conoce los criterios correctos, es posible acceder a algunos datos confidenciales dentro de CloudForms A flaw was found in Red Hat CloudForms where sensitive data would have been possibly leaked for other existing roles. An attacker with low privilege could make use of EVM-Admin API if certain criteria is met since there was no privilege check on feature. • https://access.redhat.com/security/cve/cve-2020-10779 https://bugzilla.redhat.com/show_bug.cgi?id=1847647 https://access.redhat.com/security/cve/CVE-2020-10779 • CWE-284: Improper Access Control CWE-639: Authorization Bypass Through User-Controlled Key •