Lucene search
RedHatRHSA-2016:2091HistoryOct 20, 2016 - 2:07 p.m.
(RHSA-2016:2091) Important: CFME 5.6.2.2 security, and bug fix update
2016-10-2014:07:18
access.redhat.com
21
0.001 Low
EPSS
Percentile
49.4%
Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.
Security Fix(es):
- CloudForms did not properly apply permissions controls to
VM IDs passed by users. A remote, authenticated attacker could
use this flaw to execute arbitrary VMs on systems managed by
CloudForms if they know the ID of the VM. (CVE-2016-7071)
This update also fixes several bugs. Documentation for these changes
is available in the Release Notes linked to in the References section.
All CFME users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | cfme-debuginfo | < 5.6.2.2-1.el7cf | cfme-debuginfo-5.6.2.2-1.el7cf.x86_64.rpm |
| RedHat | 7 | x86_64 | cfme-gemset | < 5.6.2.2-1.el7cf | cfme-gemset-5.6.2.2-1.el7cf.x86_64.rpm |
| RedHat | 7 | x86_64 | cfme-appliance-debuginfo | < 5.6.2.2-1.el7cf | cfme-appliance-debuginfo-5.6.2.2-1.el7cf.x86_64.rpm |
| RedHat | 7 | x86_64 | cfme-appliance | < 5.6.2.2-1.el7cf | cfme-appliance-5.6.2.2-1.el7cf.x86_64.rpm |
| RedHat | 7 | x86_64 | cfme | < 5.6.2.2-1.el7cf | cfme-5.6.2.2-1.el7cf.x86_64.rpm |
Related
nessus
nessus
RHEL 7 : CFME 5.6.2.2 (RHSA-2016:2091)
2024-04-24 00:00:00
cvelist
cvelist
CVE-2016-7071
2018-09-10 15:00:00
nvd
nvd
CVE-2016-7071
2018-09-10 15:29:00
veracode
veracode
Privilege Escalation
2019-01-15 09:14:00
cve
cve
CVE-2016-7071
2018-09-10 15:29:00
redhatcve
redhatcve
CVE-2016-7071
2016-10-20 17:17:59
prion
prion
Code injection
2018-09-10 15:29:00