Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-08-11T13:14:57

Updated: 2024-08-04T12:39:36.243Z

Reserved: 2020-06-17T00:00:00

Link: CVE-2020-14296

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-08-11T14:15:11.460

Modified: 2020-08-12T18:54:14.230

Link: CVE-2020-14296

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-08-03T13:30:00Z

Links: CVE-2020-14296 - Bugzilla