CVE-2012-5603

Published Jan 4, 2013

Last updated 7 years ago

Overview

Description
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
Source
secalert@redhat.com
NVD status
Modified

Risk scores

CVSS 2.0

Type
Primary
Base score
5.5
Impact score
4.9
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:P/I:P/A:N

Weaknesses

nvd@nist.gov
CWE-264

Social media

Hype score
Not currently trending

Configurations