5.5

CVE-2012-5603

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatCloudforms Version <= 1.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.04% 0.596
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 8 4.9
AV:N/AC:L/Au:S/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2013-0544.html
http://rhn.redhat.com/errata/RHSA-2012-1543.html
Vendor Advisory
http://secunia.com/advisories/51472
Vendor Advisory
http://www.securityfocus.com/bid/56819
http://osvdb.org/88140
http://osvdb.org/88142
https://bugzilla.redhat.com/show_bug.cgi?id=882129
https://exchange.xforce.ibmcloud.com/vulnerabilities/80549