CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25716 – Cloudforms: Incomplete fix for CVE-2020-10783
https://notcve.org/view.php?id=CVE-2020-25716
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest threat from this vulnerability is to data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1898525 https://access.redhat.com/security/cve/CVE-2020-25716 • CWE-284: Improper Access Control CWE-285: Improper Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14369 – CloudForms: Cross Site Request Forgery in API notifications
https://notcve.org/view.php?id=CVE-2020-14369
This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. An attacker can make a forgery HTTP request to the server by crafting custom flash file which can force the user to perform state changing requests like provisioning VMs, running ansible playbooks and so forth. Esta versión corrige una vulnerabilidad de tipo Cross Site Request Forgery que se encontró en Red Hat CloudForms que forza a los usuarios finales a ejecutar acciones no deseadas en una aplicación web en la que el usuario está actualmente autenticado. Un atacante puede hacer una petición HTTP falsificada al servidor al diseñar un archivo flash personalizado que puede obligar al usuario a llevar a cabo una petición de cambio de estado, como aprovisionar máquinas virtuales, ejecutando libros de jugadas de ansible, etc • https://bugzilla.redhat.com/show_bug.cgi?id=1871921 https://access.redhat.com/security/cve/CVE-2020-14369 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10779 – CloudForms: Missing functional level access control & IDOR lead to compromise
https://notcve.org/view.php?id=CVE-2020-10779
Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms. Red Hat CloudForms versiones 4.7 y 5, conlleva a una referencia directa a objeto no segura (IDOR) y a una omisión de control de acceso de nivel funcional debido a una falta de comprobación de privilegios. Por lo tanto, si un atacante conoce los criterios correctos, es posible acceder a algunos datos confidenciales dentro de CloudForms A flaw was found in Red Hat CloudForms where sensitive data would have been possibly leaked for other existing roles. An attacker with low privilege could make use of EVM-Admin API if certain criteria is met since there was no privilege check on feature. • https://access.redhat.com/security/cve/cve-2020-10779 https://bugzilla.redhat.com/show_bug.cgi?id=1847647 https://access.redhat.com/security/cve/CVE-2020-10779 • CWE-284: Improper Access Control CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10777 – CloudForms: Cross Site Scripting in report menu title / HTML Code Injection
https://notcve.org/view.php?id=CVE-2020-10777
A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Se encontró un fallo de tipo cross-site scripting en la funcionalidad Report Menu de Red Hat CloudForms versiones 4.7 y 5. Un atacante podría usar este fallo para ejecutar un ataque de tipo XSS almacenado en un administrador de aplicaciones que usa CloudForms A flaw was found in the Report Menu of Red Hat CloudForms where the title field was not properly sanitized for HTML and JavaScript inputs. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. • https://access.redhat.com/security/cve/cve-2020-10777 https://bugzilla.redhat.com/show_bug.cgi?id=1847605 https://access.redhat.com/security/cve/CVE-2020-10777 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10780 – CloudForms: CSV Injection in Orchestration Templates
https://notcve.org/view.php?id=CVE-2020-10780
Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affects the application directly, attackers could use the loosely validated parameters to trigger several attack possibilities. Red Hat CloudForms versiones 4.7 y 5, está afectado por un fallo de inyección CSV, una carga útil diseñada permanece inactiva hasta que una víctima la exporta como CSV y abre el archivo con Excel. Una vez que la víctima abre el archivo, la fórmula es ejecutada, desencadenando cualquier número de posibles eventos. • https://access.redhat.com/security/cve/cve-2020-10780 https://bugzilla.redhat.com/show_bug.cgi?id=1847794 https://access.redhat.com/security/cve/CVE-2020-10780 • CWE-20: Improper Input Validation CWE-1236: Improper Neutralization of Formula Elements in a CSV File •