Redhat: >> Cloudforms Management Engine Security Vulnerabilities
CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-07-26
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to (e.g. destroying VMs).
CVSS Score
8.8
EPSS Score
0.003
Published
2018-07-26
CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-07-24
Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret.
CVSS Score
7.5
EPSS Score
0.0
Published
2018-05-01
The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbac_user_edit action.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-01-11
CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-06-08
Padding oracle flaw in CloudForms Management Engine (aka CFME) 5 allows remote attackers to obtain sensitive cleartext information.
CVSS Score
5.3
EPSS Score
0.002
Published
2017-04-21
Red Hat CloudForms Management Engine 4.1 does not properly handle regular expressions passed to the expression engine via the JSON API and the web-based UI, which allows remote authenticated users to execute arbitrary shell commands by leveraging the ability to view and filter collections.
CVSS Score
8.8
EPSS Score
0.006
Published
2016-10-07
Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to (1) database exports or (2) log files.
CVSS Score
5.1
EPSS Score
0.001
Published
2016-04-11
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the profile[] parameter in an explorer action.
CVSS Score
7.5
EPSS Score
0.4
Published
2014-01-11