RHSA-2018:0374
Vulnerability from csaf_redhat - Published: 2018-02-28 13:04 - Updated: 2025-11-21 18:03Summary
Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update
Severity
Important
Notes
Topic: An update is now available for CloudForms Management Engine 5.8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
Ansible Tower helps you scale IT automation, manage complex deployments and speed productivity. Centralize and control your IT infrastructure with a visual dashboard, role-based access control, job scheduling, integrated notifications and graphical inventory management. And Ansible Tower's REST API and CLI make it easy to embed Ansible Tower into existing tools and processes.
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
Security Fix(es):
* A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to. (CVE-2017-12191)
This issue was discovered by Gellert Kis (Red Hat).
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted after installing this update.
https://access.redhat.com/errata/RHSA-2018:0374
References
Acknowledgments
Red Hat
Gellert Kis
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for CloudForms Management Engine 5.8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.\n\nAnsible Tower helps you scale IT automation, manage complex deployments and speed productivity. Centralize and control your IT infrastructure with a visual dashboard, role-based access control, job scheduling, integrated notifications and graphical inventory management. And Ansible Tower\u0027s REST API and CLI make it easy to embed Ansible Tower into existing tools and processes.\n\nRed Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nSecurity Fix(es):\n\n* A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to. (CVE-2017-12191)\n\nThis issue was discovered by Gellert Kis (Red Hat).\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0374",
"url": "https://access.redhat.com/errata/RHSA-2018:0374"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1458929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458929"
},
{
"category": "external",
"summary": "1459190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459190"
},
{
"category": "external",
"summary": "1460377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460377"
},
{
"category": "external",
"summary": "1460815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460815"
},
{
"category": "external",
"summary": "1461164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461164"
},
{
"category": "external",
"summary": "1463422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463422"
},
{
"category": "external",
"summary": "1478518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478518"
},
{
"category": "external",
"summary": "1478520",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478520"
},
{
"category": "external",
"summary": "1479402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479402"
},
{
"category": "external",
"summary": "1479939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479939"
},
{
"category": "external",
"summary": "1479940",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479940"
},
{
"category": "external",
"summary": "1481378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481378"
},
{
"category": "external",
"summary": "1481446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481446"
},
{
"category": "external",
"summary": "1487306",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487306"
},
{
"category": "external",
"summary": "1489697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489697"
},
{
"category": "external",
"summary": "1490416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490416"
},
{
"category": "external",
"summary": "1496900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496900"
},
{
"category": "external",
"summary": "1496903",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496903"
},
{
"category": "external",
"summary": "1496904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496904"
},
{
"category": "external",
"summary": "1496907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496907"
},
{
"category": "external",
"summary": "1496908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496908"
},
{
"category": "external",
"summary": "1496909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496909"
},
{
"category": "external",
"summary": "1496922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496922"
},
{
"category": "external",
"summary": "1496925",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496925"
},
{
"category": "external",
"summary": "1496930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496930"
},
{
"category": "external",
"summary": "1496931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496931"
},
{
"category": "external",
"summary": "1496932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496932"
},
{
"category": "external",
"summary": "1496936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496936"
},
{
"category": "external",
"summary": "1496937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496937"
},
{
"category": "external",
"summary": "1496939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496939"
},
{
"category": "external",
"summary": "1496943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496943"
},
{
"category": "external",
"summary": "1496945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496945"
},
{
"category": "external",
"summary": "1496947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496947"
},
{
"category": "external",
"summary": "1496949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496949"
},
{
"category": "external",
"summary": "1497209",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497209"
},
{
"category": "external",
"summary": "1498506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498506"
},
{
"category": "external",
"summary": "1498511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498511"
},
{
"category": "external",
"summary": "1498516",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498516"
},
{
"category": "external",
"summary": "1498518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498518"
},
{
"category": "external",
"summary": "1498525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498525"
},
{
"category": "external",
"summary": "1498542",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498542"
},
{
"category": "external",
"summary": "1498544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498544"
},
{
"category": "external",
"summary": "1498891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498891"
},
{
"category": "external",
"summary": "1500029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500029"
},
{
"category": "external",
"summary": "1500445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500445"
},
{
"category": "external",
"summary": "1500448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500448"
},
{
"category": "external",
"summary": "1500517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500517"
},
{
"category": "external",
"summary": "1500808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500808"
},
{
"category": "external",
"summary": "1500954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500954"
},
{
"category": "external",
"summary": "1501475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501475"
},
{
"category": "external",
"summary": "1501481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501481"
},
{
"category": "external",
"summary": "1501524",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501524"
},
{
"category": "external",
"summary": "1501897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501897"
},
{
"category": "external",
"summary": "1503611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503611"
},
{
"category": "external",
"summary": "1503639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503639"
},
{
"category": "external",
"summary": "1504199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504199"
},
{
"category": "external",
"summary": "1504775",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504775"
},
{
"category": "external",
"summary": "1505415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505415"
},
{
"category": "external",
"summary": "1505456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505456"
},
{
"category": "external",
"summary": "1505501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505501"
},
{
"category": "external",
"summary": "1505503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505503"
},
{
"category": "external",
"summary": "1505545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505545"
},
{
"category": "external",
"summary": "1505951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1505951"
},
{
"category": "external",
"summary": "1506624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506624"
},
{
"category": "external",
"summary": "1509008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509008"
},
{
"category": "external",
"summary": "1509024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509024"
},
{
"category": "external",
"summary": "1509378",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509378"
},
{
"category": "external",
"summary": "1509391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509391"
},
{
"category": "external",
"summary": "1509414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509414"
},
{
"category": "external",
"summary": "1509419",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509419"
},
{
"category": "external",
"summary": "1509423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1509423"
},
{
"category": "external",
"summary": "1510054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510054"
},
{
"category": "external",
"summary": "1510142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510142"
},
{
"category": "external",
"summary": "1510175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510175"
},
{
"category": "external",
"summary": "1510241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510241"
},
{
"category": "external",
"summary": "1510564",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510564"
},
{
"category": "external",
"summary": "1510698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510698"
},
{
"category": "external",
"summary": "1511032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511032"
},
{
"category": "external",
"summary": "1511125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511125"
},
{
"category": "external",
"summary": "1511130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511130"
},
{
"category": "external",
"summary": "1511135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511135"
},
{
"category": "external",
"summary": "1511142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511142"
},
{
"category": "external",
"summary": "1511144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511144"
},
{
"category": "external",
"summary": "1511147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511147"
},
{
"category": "external",
"summary": "1511196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511196"
},
{
"category": "external",
"summary": "1511502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511502"
},
{
"category": "external",
"summary": "1511517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511517"
},
{
"category": "external",
"summary": "1511528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511528"
},
{
"category": "external",
"summary": "1511548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511548"
},
{
"category": "external",
"summary": "1511595",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1511595"
},
{
"category": "external",
"summary": "1512661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512661"
},
{
"category": "external",
"summary": "1512665",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512665"
},
{
"category": "external",
"summary": "1512667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512667"
},
{
"category": "external",
"summary": "1512694",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512694"
},
{
"category": "external",
"summary": "1512695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512695"
},
{
"category": "external",
"summary": "1512706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512706"
},
{
"category": "external",
"summary": "1512728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512728"
},
{
"category": "external",
"summary": "1512955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512955"
},
{
"category": "external",
"summary": "1512967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1512967"
},
{
"category": "external",
"summary": "1513124",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513124"
},
{
"category": "external",
"summary": "1513509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513509"
},
{
"category": "external",
"summary": "1513699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1513699"
},
{
"category": "external",
"summary": "1514139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514139"
},
{
"category": "external",
"summary": "1514184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514184"
},
{
"category": "external",
"summary": "1514570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1514570"
},
{
"category": "external",
"summary": "1515367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515367"
},
{
"category": "external",
"summary": "1515402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515402"
},
{
"category": "external",
"summary": "1515407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515407"
},
{
"category": "external",
"summary": "1515416",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515416"
},
{
"category": "external",
"summary": "1515426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515426"
},
{
"category": "external",
"summary": "1515483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515483"
},
{
"category": "external",
"summary": "1518357",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518357"
},
{
"category": "external",
"summary": "1518368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518368"
},
{
"category": "external",
"summary": "1518372",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518372"
},
{
"category": "external",
"summary": "1518374",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518374"
},
{
"category": "external",
"summary": "1518383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518383"
},
{
"category": "external",
"summary": "1518392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518392"
},
{
"category": "external",
"summary": "1518600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518600"
},
{
"category": "external",
"summary": "1519809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519809"
},
{
"category": "external",
"summary": "1519910",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519910"
},
{
"category": "external",
"summary": "1519915",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519915"
},
{
"category": "external",
"summary": "1519987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519987"
},
{
"category": "external",
"summary": "1520541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520541"
},
{
"category": "external",
"summary": "1520557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1520557"
},
{
"category": "external",
"summary": "1521036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1521036"
},
{
"category": "external",
"summary": "1522951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1522951"
},
{
"category": "external",
"summary": "1523402",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523402"
},
{
"category": "external",
"summary": "1523404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523404"
},
{
"category": "external",
"summary": "1523408",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523408"
},
{
"category": "external",
"summary": "1523771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523771"
},
{
"category": "external",
"summary": "1523773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523773"
},
{
"category": "external",
"summary": "1523774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523774"
},
{
"category": "external",
"summary": "1523777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523777"
},
{
"category": "external",
"summary": "1523788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523788"
},
{
"category": "external",
"summary": "1523851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523851"
},
{
"category": "external",
"summary": "1523855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1523855"
},
{
"category": "external",
"summary": "1524646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1524646"
},
{
"category": "external",
"summary": "1525092",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525092"
},
{
"category": "external",
"summary": "1525551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525551"
},
{
"category": "external",
"summary": "1525563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525563"
},
{
"category": "external",
"summary": "1525583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525583"
},
{
"category": "external",
"summary": "1526040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1526040"
},
{
"category": "external",
"summary": "1526473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1526473"
},
{
"category": "external",
"summary": "1527676",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527676"
},
{
"category": "external",
"summary": "1530653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530653"
},
{
"category": "external",
"summary": "1530708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530708"
},
{
"category": "external",
"summary": "1530717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530717"
},
{
"category": "external",
"summary": "1531146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531146"
},
{
"category": "external",
"summary": "1531147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531147"
},
{
"category": "external",
"summary": "1531156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531156"
},
{
"category": "external",
"summary": "1531161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531161"
},
{
"category": "external",
"summary": "1531177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531177"
},
{
"category": "external",
"summary": "1531178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531178"
},
{
"category": "external",
"summary": "1531256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531256"
},
{
"category": "external",
"summary": "1531261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531261"
},
{
"category": "external",
"summary": "1531262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531262"
},
{
"category": "external",
"summary": "1531274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531274"
},
{
"category": "external",
"summary": "1531554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531554"
},
{
"category": "external",
"summary": "1531615",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531615"
},
{
"category": "external",
"summary": "1531618",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531618"
},
{
"category": "external",
"summary": "1531619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531619"
},
{
"category": "external",
"summary": "1532328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532328"
},
{
"category": "external",
"summary": "1532854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532854"
},
{
"category": "external",
"summary": "1532857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532857"
},
{
"category": "external",
"summary": "1533167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533167"
},
{
"category": "external",
"summary": "1533169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533169"
},
{
"category": "external",
"summary": "1533171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533171"
},
{
"category": "external",
"summary": "1534584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534584"
},
{
"category": "external",
"summary": "1534589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534589"
},
{
"category": "external",
"summary": "1534591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534591"
},
{
"category": "external",
"summary": "1534601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534601"
},
{
"category": "external",
"summary": "1536052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536052"
},
{
"category": "external",
"summary": "1536672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536672"
},
{
"category": "external",
"summary": "1537015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537015"
},
{
"category": "external",
"summary": "1537145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537145"
},
{
"category": "external",
"summary": "1537284",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537284"
},
{
"category": "external",
"summary": "1538349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538349"
},
{
"category": "external",
"summary": "1538350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538350"
},
{
"category": "external",
"summary": "1538351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538351"
},
{
"category": "external",
"summary": "1539752",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1539752"
},
{
"category": "external",
"summary": "1540699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540699"
},
{
"category": "external",
"summary": "1541072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1541072"
},
{
"category": "external",
"summary": "1542170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542170"
},
{
"category": "external",
"summary": "1542240",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542240"
},
{
"category": "external",
"summary": "1542577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542577"
},
{
"category": "external",
"summary": "1542741",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1542741"
},
{
"category": "external",
"summary": "1543121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543121"
},
{
"category": "external",
"summary": "1543150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543150"
},
{
"category": "external",
"summary": "1543172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543172"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0374.json"
}
],
"title": "Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:03:46+00:00",
"generator": {
"date": "2025-11-21T18:03:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:0374",
"initial_release_date": "2018-02-28T13:04:37+00:00",
"revision_history": [
{
"date": "2018-02-28T13:04:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-02-28T13:04:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:03:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Management Engine 5.8",
"product": {
"name": "CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"product": {
"name": "ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"product_id": "ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-setup@3.1.5-3.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"product": {
"name": "ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"product_id": "ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-server@3.1.5-3.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-plperl@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-plpython@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-debuginfo@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-docs@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-devel@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-libs@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-pltcl@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-server@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-test@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"product": {
"name": "postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"product_id": "postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94-contrib@9.4.15-3PGDG.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python2-crypto-0:2.6.1-16.el7at.x86_64",
"product": {
"name": "python2-crypto-0:2.6.1-16.el7at.x86_64",
"product_id": "python2-crypto-0:2.6.1-16.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-crypto@2.6.1-16.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"product": {
"name": "python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"product_id": "python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-crypto-debuginfo@2.6.1-16.el7at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.8.3.4-1.el7cf.x86_64",
"product": {
"name": "cfme-0:5.8.3.4-1.el7cf.x86_64",
"product_id": "cfme-0:5.8.3.4-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.8.3.4-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product": {
"name": "cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product_id": "cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-debuginfo@5.8.3.4-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"product_id": "cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.8.3.4-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product": {
"name": "cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product_id": "cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-debuginfo@5.8.3.4-1.el7cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"product": {
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"product_id": "cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.8.3.4-1.el7cf?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "postgresql94-0:9.4.15-3PGDG.el7at.src",
"product": {
"name": "postgresql94-0:9.4.15-3PGDG.el7at.src",
"product_id": "postgresql94-0:9.4.15-3PGDG.el7at.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/postgresql94@9.4.15-3PGDG.el7at?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-crypto-0:2.6.1-16.el7at.src",
"product": {
"name": "python-crypto-0:2.6.1-16.el7at.src",
"product_id": "python-crypto-0:2.6.1-16.el7at.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-crypto@2.6.1-16.el7at?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-0:2.4.3.0-1.el7ae.src",
"product": {
"name": "ansible-0:2.4.3.0-1.el7ae.src",
"product_id": "ansible-0:2.4.3.0-1.el7ae.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible@2.4.3.0-1.el7ae?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-paramiko-0:2.1.1-2.el7ae.src",
"product": {
"name": "python-paramiko-0:2.1.1-2.el7ae.src",
"product_id": "python-paramiko-0:2.1.1-2.el7ae.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-paramiko@2.1.1-2.el7ae?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jmespath-0:0.9.0-4.el7ae.src",
"product": {
"name": "python-jmespath-0:0.9.0-4.el7ae.src",
"product_id": "python-jmespath-0:0.9.0-4.el7ae.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jmespath@0.9.0-4.el7ae?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.8.3.4-1.el7cf.src",
"product": {
"name": "cfme-0:5.8.3.4-1.el7cf.src",
"product_id": "cfme-0:5.8.3.4-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.8.3.4-1.el7cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.src",
"product": {
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.src",
"product_id": "cfme-appliance-0:5.8.3.4-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.8.3.4-1.el7cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.src",
"product": {
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.src",
"product_id": "cfme-gemset-0:5.8.3.4-1.el7cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.8.3.4-1.el7cf?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-0:2.4.3.0-1.el7ae.noarch",
"product": {
"name": "ansible-0:2.4.3.0-1.el7ae.noarch",
"product_id": "ansible-0:2.4.3.0-1.el7ae.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible@2.4.3.0-1.el7ae?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-paramiko-0:2.1.1-2.el7ae.noarch",
"product": {
"name": "python-paramiko-0:2.1.1-2.el7ae.noarch",
"product_id": "python-paramiko-0:2.1.1-2.el7ae.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-paramiko@2.1.1-2.el7ae?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"product": {
"name": "python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"product_id": "python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-paramiko-doc@2.1.1-2.el7ae?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-jmespath-0:0.9.0-4.el7ae.noarch",
"product": {
"name": "python2-jmespath-0:0.9.0-4.el7ae.noarch",
"product_id": "python2-jmespath-0:0.9.0-4.el7ae.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-jmespath@0.9.0-4.el7ae?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-0:2.4.3.0-1.el7ae.noarch as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.noarch"
},
"product_reference": "ansible-0:2.4.3.0-1.el7ae.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-0:2.4.3.0-1.el7ae.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.src"
},
"product_reference": "ansible-0:2.4.3.0-1.el7ae.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-server-0:3.1.5-3.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-3.el7at.x86_64"
},
"product_reference": "ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-setup-0:3.1.5-3.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-3.el7at.x86_64"
},
"product_reference": "ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.8.3.4-1.el7cf.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.src"
},
"product_reference": "cfme-0:5.8.3.4-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.8.3.4-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.x86_64"
},
"product_reference": "cfme-0:5.8.3.4-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.src"
},
"product_reference": "cfme-appliance-0:5.8.3.4-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.8.3.4-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64"
},
"product_reference": "cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64"
},
"product_reference": "cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.src"
},
"product_reference": "cfme-gemset-0:5.8.3.4-1.el7cf.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.8.3.4-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.x86_64"
},
"product_reference": "cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-0:9.4.15-3PGDG.el7at.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.src"
},
"product_reference": "postgresql94-0:9.4.15-3PGDG.el7at.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64"
},
"product_reference": "postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-crypto-0:2.6.1-16.el7at.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-crypto-0:2.6.1-16.el7at.src"
},
"product_reference": "python-crypto-0:2.6.1-16.el7at.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64"
},
"product_reference": "python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jmespath-0:0.9.0-4.el7ae.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-jmespath-0:0.9.0-4.el7ae.src"
},
"product_reference": "python-jmespath-0:0.9.0-4.el7ae.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-0:2.1.1-2.el7ae.noarch as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.noarch"
},
"product_reference": "python-paramiko-0:2.1.1-2.el7ae.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-0:2.1.1-2.el7ae.src as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.src"
},
"product_reference": "python-paramiko-0:2.1.1-2.el7ae.src",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-paramiko-doc-0:2.1.1-2.el7ae.noarch as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python-paramiko-doc-0:2.1.1-2.el7ae.noarch"
},
"product_reference": "python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-crypto-0:2.6.1-16.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python2-crypto-0:2.6.1-16.el7at.x86_64"
},
"product_reference": "python2-crypto-0:2.6.1-16.el7at.x86_64",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-jmespath-0:0.9.0-4.el7ae.noarch as a component of CloudForms Management Engine 5.8",
"product_id": "7Server-RH7-CFME-5.8:python2-jmespath-0:0.9.0-4.el7ae.noarch"
},
"product_reference": "python2-jmespath-0:0.9.0-4.el7ae.noarch",
"relates_to_product_reference": "7Server-RH7-CFME-5.8"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Gellert Kis"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2017-12191",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1500517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CFME: VMRC plugin console grants users administrative access",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.noarch",
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.src",
"7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.src",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-crypto-0:2.6.1-16.el7at.src",
"7Server-RH7-CFME-5.8:python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-jmespath-0:0.9.0-4.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python2-crypto-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python2-jmespath-0:0.9.0-4.el7ae.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12191"
},
{
"category": "external",
"summary": "RHBZ#1500517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12191",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12191"
}
],
"release_date": "2018-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-02-28T13:04:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update.",
"product_ids": [
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.noarch",
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.src",
"7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.src",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-crypto-0:2.6.1-16.el7at.src",
"7Server-RH7-CFME-5.8:python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-jmespath-0:0.9.0-4.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python2-crypto-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python2-jmespath-0:0.9.0-4.el7ae.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0374"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.noarch",
"7Server-RH7-CFME-5.8:ansible-0:2.4.3.0-1.el7ae.src",
"7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-3.el7at.x86_64",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.src",
"7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.3.4-1.el7cf.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.src",
"7Server-RH7-CFME-5.8:postgresql94-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-contrib-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-debuginfo-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-devel-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-docs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-libs-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plperl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-plpython-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-pltcl-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-server-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:postgresql94-test-0:9.4.15-3PGDG.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-crypto-0:2.6.1-16.el7at.src",
"7Server-RH7-CFME-5.8:python-crypto-debuginfo-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python-jmespath-0:0.9.0-4.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python-paramiko-0:2.1.1-2.el7ae.src",
"7Server-RH7-CFME-5.8:python-paramiko-doc-0:2.1.1-2.el7ae.noarch",
"7Server-RH7-CFME-5.8:python2-crypto-0:2.6.1-16.el7at.x86_64",
"7Server-RH7-CFME-5.8:python2-jmespath-0:0.9.0-4.el7ae.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CFME: VMRC plugin console grants users administrative access"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…