Back to search
CVE-2012-5603
Published: Jan 4, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
cloudforms-katello-sec-bypass(80549)
vdb-entry
x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=882129
x_refsource_MISC
88140
vdb-entry
x_refsource_OSVDB
51472
third-party-advisory
x_refsource_SECUNIA
88142
vdb-entry
x_refsource_OSVDB
RHSA-2012:1543
vendor-advisory
x_refsource_REDHAT
56819
vdb-entry
x_refsource_BID
RHSA-2013:0544
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now