0.001 Low
EPSS
Percentile
49.4%
It was found that the CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.
bugzilla.redhat.com/show_bug.cgi?id=1383124