Vulnerability in Redhat Cloudforms
CVE-2012-5603
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors relate…
EPSS: 0.003 (48.9th percentile) — read the EPSS interpretation.
Affected products
- Redhat Cloudforms
- N/a — versions n/a
Weakness classification (CWE)
References
- cloudforms-katello-sec-bypass(80549) (vdb-entry, x_refsource_XF)
- secalert@redhat.com (x_refsource_MISC)
- 88140 (x_refsource_OSVDB, vdb-entry)
- 51472 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 88142 (x_refsource_OSVDB, vdb-entry)
- RHSA-2012:1543 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
- 56819 (vdb-entry, x_refsource_BID)
- RHSA-2013:0544 (x_refsource_REDHAT, vendor-advisory)