Lucene search
RedhatCVELIST:CVE-2020-25716HistoryJun 07, 2021 - 8:27 p.m.
CVE-2020-25716
2021-06-0720:27:15
CWE-285
redhat
www.cve.org
2
A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before cfme 5.11.10.1 are affected
CNA Affected
[
{
"product": "Cloudforms",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before cfme 5.11.10.1"
}
]
}
]Related
redhat
redhat
(RHSA-2020:5554) Important: CloudForms 5.0.10 security, bug fix and enhancement update
2020-12-15 21:11:20
(RHSA-2020:3574) Critical: CloudForms 4.7.16 security, bug fix and enhancement update
2020-08-27 15:55:13
(RHSA-2020:3358) Critical: CloudForms 5.0.7 bug fix and enhancement update
2020-08-06 14:27:00
prion
prion
Design/Logic Flaw
2021-06-07 21:15:00
Privilege escalation
2020-08-11 13:15:00
redhatcve
redhatcve
CVE-2020-25716
2020-11-17 14:08:51
CVE-2020-10783
2020-08-03 14:14:58
nessus
nessus
RHEL 8 : CloudForms 5.0.10 (RHSA-2020:5554)
2020-12-18 00:00:00
RHEL 7 : CloudForms 4.7.16 (RHSA-2020:3574)
2020-08-27 00:00:00
RHEL 8 : CloudForms 5.0.7 update (Critical) (RHSA-2020:3358)
2020-08-06 00:00:00
nvd
nvd
CVE-2020-25716
2021-06-07 21:15:07
CVE-2020-10783
2020-08-11 13:15:12
cve
cve
CVE-2020-25716
2021-06-07 21:15:07
CVE-2020-10783
2020-08-11 13:15:12
veracode
veracode
Privilege Escalation
2020-12-19 05:51:32
Privilege Escalation
2020-08-07 02:30:43
cvelist
cvelist
CVE-2020-10783
2020-08-11 12:35:13