PT-2013-1810 · Red Hat · Katello+1
Lukas Zapletal
·
Publicado
2013-01-04
·
Atualizado
2017-08-29
·
CVE-2012-5603
CVSS v2.0
5.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Red Hat CloudForms version 1.0
Description
The issue is related to the proxies controller.rb in Katello, where it does not properly check permissions. This allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the
consumer UUID of a system.Recommendations
For Red Hat CloudForms version 1.0, update to version 1.1 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Katello
Red Hat Cloudforms