Lucene search
PRIOn knowledge basePRION:CVE-2017-2664HistoryJul 26, 2018 - 2:29 p.m.
Code injection
2018-07-2614:29:00
PRIOn knowledge base
www.prio-n.com
3
CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cloudforms | eq | 4.6 | |
| cloudforms | eq | 4.2 | |
| cloudforms_management_engine | ge | 5.8 | |
| cloudforms_management_engine | lt | 5.8.1 | |
| cloudforms_management_engine | lt | 5.7.3 |
Related
redhat
redhat
cve
cve
CVE-2017-2664
2018-07-26 14:29:00
veracode
veracode
Privilege Escalation
2019-01-15 09:20:17
cvelist
cvelist
CVE-2017-2664
2018-07-26 14:00:00
nvd
nvd
CVE-2017-2664
2018-07-26 14:29:00
nessus
nessus
RHEL 7 : Red Hat CloudForms (RHSA-2017:3484)
2024-04-27 00:00:00
redhatcve
redhatcve
CVE-2017-2664
2019-10-11 04:20:31