Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2020-08-11T13:14:57
Updated: 2024-08-04T12:39:36.243Z
Reserved: 2020-06-17T00:00:00
Link: CVE-2020-14296
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-08-11T14:15:11.460
Modified: 2020-08-12T18:54:14.230
Link: CVE-2020-14296
Redhat