← back
CVE-2012-5603

CVE-2012-5603

EPSS 1.0%
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/88140http://osvdb.org/88142http://rhn.redhat.com/errata/RHSA-2012-1543.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0544.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=882129http://secunia.com/advisories/51472https://exchange.xforce.ibmcloud.com/vulnerabilities/80549http://www.securityfocus.com/bid/56819