{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-11-13T00:00:00", "descriptions": [{"lang": "en", "value": "Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-05-01T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:20:37.481Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2013-2049", "datePublished": "2018-05-01T19:00:00", "dateReserved": "2013-02-19T00:00:00", "dateUpdated": "2024-08-06T15:20:37.481Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:cloudforms_management_engine:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "147D4342-B1B5-479B-B197-20EA727F3CD6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret."}, {"lang": "es", "value": "Red Hat CloudForms 2 Management Engine (CFME) permite que atacantes remotos lleven a cabo ataques de falsificaci\u00f3n de sesi\u00f3n aprovechando el uso de un secreto est\u00e1tico secret_token.rb."}], "id": "CVE-2013-2049", "lastModified": "2018-06-13T14:11:15.900", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-05-01T19:29:00.780", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-384"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Ramon de C Valle (Red Hat Product Security Team).", "affected_release": [{"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "cfme-0:5.2.0.37-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "cfme-vnc-plugin-0:1.0.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "libdnet-0:1.12-11.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "lshw-0:B.02.16-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "netapp-manageability-sdk-0:4.0P1-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "open-vm-tools-0:9.2.3-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "postgresql92-0:1-12.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "postgresql92-postgresql-0:9.2.4-7.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "prince-0:9.0r2-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "pyliblzma-0:0.5.3-7.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-0:1-11.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-libyaml-0:0.1.4-5.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-ruby-0:1.9.3.448-38.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-actionmailer-1:3.2.13-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-actionpack-1:3.2.13-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-actionwebservice-1:3.1.0-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-activemodel-1:3.2.13-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-activerecord-1:3.2.13-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-activeresource-1:3.2.13-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-activesupport-1:3.2.13-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-acts_as_list-0:0.1.9-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-acts_as_tree-0:0.1.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-addressable-0:2.2.8-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-akami-0:1.2.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-american_date-0:1.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ancestry-0:1.2.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-arel-0:3.0.2-3.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-arrayfields-0:4.9.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-awesome_print-0:1.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-aws-sdk-0:1.11.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-bcrypt-ruby-0:3.0.1-7.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-binary_struct-0:1.0.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-brakeman-0:2.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-builder-0:3.0.0-3.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-bullet-0:4.6.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-bundler-0:1.3.5-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-bundler_ext-0:0.3.0-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-capybara-0:2.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-childprocess-0:0.3.9-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-chronic-0:0.3.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-churn-0:0.0.29-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-code_analyzer-0:0.3.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-color-0:1.4.1-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-colored-0:1.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-crack-0:0.3.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-daemons-0:1.1.9-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-dalli-0:2.2.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-default_value_for-0:1.0.7-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-diff-lcs-0:1.1.3-1.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-elif-0:0.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-erubis-0:2.7.0-4.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-eventmachine-0:1.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-excon-0:0.25.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ezcrypto-0:0.7-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-facade-0:1.0.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-factory_girl-0:4.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-fastercsv-0:1.5.5-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-fattr-0:2.2.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ffi-0:1.3.1-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-flay-0:2.3.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-flog-0:3.2.3-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-fog-0:1.14.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-formatador-0:0.2.4-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-gyoku-0:0.4.6-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-haml-0:4.0.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-haml-rails-0:0.4-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-handsoap-0:0.2.5-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-highline-0:1.6.19-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-hike-0:1.2.1-3.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-hirb-0:0.7.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-hmac-0:0.4.0-7.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-hoe-0:2.12.3-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-httparty-0:0.10.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-httpclient-0:2.2.7-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-httpi-0:1.1.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-i18n-0:0.6.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-inifile-0:2.0.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-io-extra-0:1.2.6-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-japgolly-Saikuro-0:1.1.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-journey-0:1.0.4-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-json-0:1.8.0-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-json_pure-0:1.8.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-libxml-ruby-0:2.2.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-linux_admin-0:0.5.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-little-plugger-0:1.1.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-log4r-0:1.1.8-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-logging-0:1.6.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-mail-0:2.5.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-main-0:4.7.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-map-0:6.5.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-metric_fu-0:3.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-mime-types-0:1.20.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-minitest-0:3.2.0-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-more_core_extensions-0:1.1.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-multi_json-0:1.7.7-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-multi_xml-0:0.5.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-http-persistent-0:2.7-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-ldap-0:0.2.20110317223538-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-ping-0:1.5.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-netrc-0:0.7.7-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-scp-0:1.1.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-sftp-0:2.0.5-7.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-net-ssh-0:2.6.5-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-nokogiri-0:1.5.6-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-nori-0:1.1.4-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-open4-0:1.3.0-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ovirt_metrics-0:1.0.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-parallel-0:0.5.21-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-pdf-writer-0:1.1.8-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-pg-0:0.12.2-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-Platform-0:0.4.0-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-polyglot-0:0.3.3-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-princely-0:1.2.6-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-progressbar-0:0.11.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-prototype-rails-0:3.2.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-qpid_messaging-0:0.20.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rack-1:1.4.5-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rack-cache-0:1.2-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rack-ssl-0:1.3.2-7.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rack-test-0:0.6.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rails-1:3.2.13-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rails_best_practices-0:1.13.8-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-railties-1:3.2.13-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rake-0:10.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rake-compiler-0:0.8.3-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rbovirt-0:0.0.17-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rbvmomi-0:1.2.3-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rdoc-0:3.12.2-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-reek-0:1.3.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ref-0:1.0.0-3.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rest-client-0:1.6.7-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-roodi-0:2.2.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rspec-0:2.12.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rspec-core-0:2.12.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rspec-expectations-0:2.12.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rspec-mocks-0:2.12.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rspec-rails-0:2.12.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby2ruby-0:2.0.6-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rubyforge-0:2.0.4-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby-graphviz-0:1.0.9-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby_parser-0:3.1.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby-plsql-0:0.4.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby-prof-0:0.13.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruby-progressbar-0:0.0.10-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rubyrep-0:1.2.0-4.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rubywbem-0:0.1.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rubyzip-0:0.9.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rufus-lru-0:1.0.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-rufus-scheduler-0:2.0.19-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ruport-0:1.7.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-sass-0:3.1.20-3.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-savon-0:1.1.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-selenium-webdriver-0:2.32.1-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-sexp_processor-0:4.2.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-shindo-0:0.3.4-7.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-shoulda-matchers-0:1.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-simplecov-0:0.7.1-6.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-simplecov-html-0:0.7.1-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-simplecov-rcov-0:0.2.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-simplecov-rcov-text-0:0.0.2-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-simple-rss-0:1.2.3-8.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-slim-0:1.3.9-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-snmp-0:1.1.0-6.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-soap4r-0:1.6.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-sprockets-0:2.4.5-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-sqlite3-0:1.3.6-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-state_machine-0:1.1.2-8.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-syntax-0:1.0.0-8.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-temple-0:0.6.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-terminal-table-0:1.4.5-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-test-spec-0:0.10.0-7.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-test-unit-0:2.4.5-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-therubyracer-0:0.11.0-0.6.beta5.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-thin-0:1.3.1-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-thor-0:0.18.1-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-tilt-0:1.3.3-10.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-timecop-0:0.5.3-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-transaction-simple-0:1.4.0-5.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-treetop-0:1.4.10-6.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-trollop-0:1.16.2-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-tzinfo-0:0.3.33-2.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-uniform_notifier-0:1.2.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-uuidtools-0:2.1.3-3.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-vcr-0:2.4.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-wasabi-0:2.5.1-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-webmock-0:1.11.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-websocket-0:1.0.7-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-xml-simple-0:1.0.12-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-xpath-0:2.0.0-1.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-rubygem-ziya-0:2.3.0-2.el6cf", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}, {"advisory": "RHEA-2013:1487", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5::el6", "package": "ruby193-v8-1:3.14.5.10-1.1.el6", "product_name": "CloudForms Management Engine 5.x", "release_date": "2013-10-31T00:00:00Z"}], "bugzilla": {"description": "2: static secret_token.rb value", "id": "959041", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=959041"}, "csaw": false, "cvss": {"cvss_base_score": "5.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "status": "verified"}, "details": ["Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret."], "name": "CVE-2013-2049", "public_date": "2013-11-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-2049\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-2049\nhttp://blog.mhartl.com/2008/08/15/a-security-issue-with-rails-secret-session-keys/\nhttp://blog.phusion.nl/2013/01/04/securing-the-rails-session-secret/"], "statement": "This issue is resolved in CloudForms 3.0. The maintenance support policy for CloudForms 2.0 only covers critical security issues, meaning this issue is out of scope. Users of CloudForms 2.0 are advised to upgrade to CloudForms 3.0 to address this issue.", "threat_severity": "Important"}