Filtered by vendor Cloudforms Tools Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-5605 2 Cloudforms Tools, Redhat 2 1, Cloudforms 2024-11-21 N/A
Grinder in Red Hat CloudForms before 1.1 uses world-writable permissions for /var/lib/pulp/cache/grinder/, which allows local users to modify grinder cache files.
CVE-2012-5603 3 Cloudforms Tools, Redhat, Rhel Sam 3 1, Cloudforms, 1.2 2024-11-21 N/A
proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.
CVE-2012-4574 2 Cloudforms Tools, Redhat 3 1, Cloudforms, Rhui 2024-11-21 N/A
Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file.
CVE-2012-3538 2 Cloudforms Tools, Redhat 2 1, Cloudforms 2024-11-21 N/A
Pulp in Red Hat CloudForms before 1.1 logs administrative passwords in a world-readable file, which allows local users to read pulp administrative passwords by reading production.log.