Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can perform actions restricted only to EVM-Super-administrator group, leads to, exporting or importing administrator files.
CPE | Name | Operator | Version |
---|---|---|---|
cloudforms | eq | 4.7 | |
cloudforms | eq | 5.0.0 |