Vulnerability in Redhat Cloudforms

CVE-2012-5604

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors.

EPSS: 0.002 (39.5th percentile) — read the EPSS interpretation.

Affected products

Redhat Cloudforms — versions 1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

secalert@redhat.com (x_refsource_MISC)
RHSA-2013:0544 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)