CVE-2012-5603
Published Jan 4, 2013
Last updated 7 years ago
Overview
- Description
- proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.5
- Impact score
- 4.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72189D15-3318-45CD-B37E-FD53E4422052", "versionEndIncluding": "1.0" } ], "operator": "OR" } ] } ]