Lucene search
Redhat.comRH:CVE-2020-10783HistoryAug 03, 2020 - 2:14 p.m.
CVE-2020-10783
2020-08-0314:14:58
redhat.com
access.redhat.com
16
0.001 Low
EPSS
Percentile
39.8%
A role-based privileges escalation flaw was found in Red Hat CloudForms where export or import of administrator files was possible. An attacker with EVM-Operator group can perform actions restricted only to system administrator. Refer CVE-2020-25716 for remaining RBAC group fixes.
Mitigation
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.
Related
redhat
redhat
(RHSA-2020:5554) Important: CloudForms 5.0.10 security, bug fix and enhancement update
2020-12-15 21:11:20
(RHSA-2020:3574) Critical: CloudForms 4.7.16 security, bug fix and enhancement update
2020-08-27 15:55:13
(RHSA-2020:3358) Critical: CloudForms 5.0.7 bug fix and enhancement update
2020-08-06 14:27:00
prion
prion
Design/Logic Flaw
2021-06-07 21:15:00
Privilege escalation
2020-08-11 13:15:00
redhatcve
redhatcve
CVE-2020-25716
2020-11-17 14:08:51
cve
cve
CVE-2020-25716
2021-06-07 21:15:07
CVE-2020-10783
2020-08-11 13:15:12
cvelist
cvelist
CVE-2020-25716
2021-06-07 20:27:15
CVE-2020-10783
2020-08-11 12:35:13
nessus
nessus
RHEL 8 : CloudForms 5.0.10 (RHSA-2020:5554)
2020-12-18 00:00:00
RHEL 7 : CloudForms 4.7.16 (RHSA-2020:3574)
2020-08-27 00:00:00
RHEL 8 : CloudForms 5.0.7 update (Critical) (RHSA-2020:3358)
2020-08-06 00:00:00
nvd
nvd
CVE-2020-25716
2021-06-07 21:15:07
CVE-2020-10783
2020-08-11 13:15:12
veracode
veracode
Privilege Escalation
2020-12-19 05:51:32
Privilege Escalation
2020-08-07 02:30:43