CVE-2020-14324 – CloudForms: Out-of-band OS Command Injection through conversion host
https://notcve.org/view.php?id=CVE-2020-14324
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS command injection vulnerability can be exploited by authenticated attacker while setuping conversion host through Infrastructure Migration Solution. This flaw allows attacker to execute arbitrary commands on CloudForms server. Se encontró una vulnerabilidad de alta gravedad en todas las versiones activas de Red Hat CloudForms versiones anteriores a 5.11.7.0. La vulnerabilidad de inyección de comandos del Sistema Operativo fuera de banda puede ser explotada por parte de un atacante autenticado mientras configura el host de conversión por medio de Infrastructure Migration Solution. • https://access.redhat.com/security/cve/cve-2020-14324 https://bugzilla.redhat.com/show_bug.cgi?id=1855713 https://access.redhat.com/security/cve/CVE-2020-14324 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-14894 – CloudForms: RCE vulnerability in NFS schedule backup
https://notcve.org/view.php?id=CVE-2019-14894
A flaw was found in the CloudForms management engine version 5.10 and CloudForms management version 5.11, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root. Se encontró un fallo en el motor de administración de CloudForms versión 5.10 y la administración de CloudForms versión 5.11, que desencadenó una ejecución de código remota por medio de la copia de seguridad de la programación NFS. Un atacante que haya iniciado sesión en la consola de administración podría usar este fallo para ejecutar comandos de shell arbitrarios en el servidor de CloudForms como root A flaw was found in the CloudForms management engine, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14894 https://access.redhat.com/security/cve/CVE-2019-14894 https://bugzilla.redhat.com/show_bug.cgi?id=1769411 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2014-0197 – CFME: CSRF protection vulnerability in referrer header
https://notcve.org/view.php?id=CVE-2014-0197
CFME: CSRF protection vulnerability via permissive check of the referrer header CFME: una vulnerabilidad de la protección CSRF mediante una comprobación permisiva del encabezado de referencia. • https://access.redhat.com/security/cve/cve-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0197 https://access.redhat.com/security/cve/CVE-2014-0197 https://bugzilla.redhat.com/show_bug.cgi?id=1092875 • CWE-285: Improper Authorization CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2018-10854 – cloudforms: stored cross-site scripting in Name field
https://notcve.org/view.php?id=CVE-2018-10854
cloudforms version, cloudforms 5.8 and cloudforms 5.9, is vulnerable to a cross-site-scripting. A flaw was found in CloudForms's v2v infrastructure mapping delete feature. A stored cross-site scripting due to improper sanitization of user input in Name field. La versión de Cloudforms, Cloudforms versión 5.8 y Cloudforms versión 5.9, son vulnerables a un ataque de tipo cross-site-scripting. Se encontró un fallo en la funcionalidad de eliminación de mapeo de infraestructura v2v de CloudForms. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10854 https://access.redhat.com/security/cve/CVE-2018-10854 https://bugzilla.redhat.com/show_bug.cgi?id=1590538 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-10177
https://notcve.org/view.php?id=CVE-2019-10177
A stored cross-site scripting (XSS) vulnerability was found in the PDF export component of CloudForms, versions 5.9 and 5.10, due to user input is not properly sanitized. An attacker with least privilege to edit compute is able to execute a XSS attack against other users, which could lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Se encontró una vulnerabilidad almacenada de cross-site scripting (XSS) en el componente de exportación a PDF de CloudForms, versiones 5.9 y 5.10, debido a que la información del usuario no está correctamente saneada. Un atacante con menos privilegios para editar el proceso puede ejecutar un ataque XSS contra otros usuarios, lo que podría provocar la ejecución de un código malicioso y la extracción del token anti-CSRF de usuarios con privilegios más altos. • http://www.securityfocus.com/bid/109065 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10177 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •