CVE-2020-14325 (RH:CVE-2020-14325, redhatcve, redhat.com)
Published: 2020-08-03 14:15:29
Source: access.redhat.com
9

EPSS: 0.002 (Low), percentile 55.2%

A vulnerability was found in Red Hat CloudForms which allows a malicious attacker to impersonate any user or create a non-existent user with any entitlement in the appliance and perform an API request.

Mitigation

Red Hat recommends upgrading to the fixed released versions; however, this flaw can be mitigated by unsetting the RequestHeader variants in the httpd configuration. The mitigation steps are:

1. Stop httpd service
$ systemctl stop httpd

2. Add the following additional unset directives to /etc/httpd/conf.d/manageiq-remote-user-openidc.conf and /etc/httpd/conf.d/manageiq-remote-user.conf, right before the existing X_REMOTE_USER unset.

RequestHeader unset X-REMOTE-USER
RequestHeader unset X-REMOTE_USER
RequestHeader unset X_REMOTE-USER

3. Validate configuration files to make sure all syntax is valid
$ apachectl configtest

4. Restart httpd service
$ systemctl start httpd
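The four steps above as one idempotent script (an added example, not Red Hat's or the CloudForms project's own code): conf_mitigated checks whether all three variant unsets already precede the X_REMOTE_USER unset, add_unsets inserts them once, and apply_mitigation runs the advisory's stop/edit/configtest/start sequence against the two conf paths named above. The function names and the sample conf content in the comments are assumptions of this example.

```shell
#!/bin/sh
# Added example: apply and verify the CVE-2020-14325 RequestHeader mitigation.
set -eu

# The three spellings the advisory says to unset alongside X_REMOTE_USER.
VARIANTS='X-REMOTE-USER X-REMOTE_USER X_REMOTE-USER'

# Return 0 only if every variant is unset in FILE before the line
# "RequestHeader unset X_REMOTE_USER"; return 1 otherwise.
conf_mitigated() {
    file=$1
    anchor=$(grep -n '^[[:space:]]*RequestHeader unset X_REMOTE_USER[[:space:]]*$' "$file" \
             | head -n1 | cut -d: -f1)
    [ -n "$anchor" ] || return 1
    for h in $VARIANTS; do
        head -n "$anchor" "$file" \
            | grep -q "^[[:space:]]*RequestHeader unset $h[[:space:]]*$" || return 1
    done
    return 0
}

# Insert the three unset lines right before the X_REMOTE_USER unset, exactly once.
# Refuses to touch a file that has no X_REMOTE_USER unset to anchor on.
add_unsets() {
    file=$1
    conf_mitigated "$file" && return 0
    grep -q '^[[:space:]]*RequestHeader unset X_REMOTE_USER' "$file" || {
        echo "no X_REMOTE_USER unset in $file; refusing to edit" >&2; return 1; }
    tmp=$(mktemp)
    awk -v variants="$VARIANTS" '
        !inserted && /^[[:space:]]*RequestHeader unset X_REMOTE_USER[[:space:]]*$/ {
            n = split(variants, v, " ")
            for (i = 1; i <= n; i++) print "RequestHeader unset " v[i]
            inserted = 1
        }
        { print }' "$file" > "$tmp"
    cat "$tmp" > "$file"   # overwrite in place so ownership and mode are kept
    rm -f "$tmp"
}

# Steps 1-4 from the advisory, against the two conf files it names.
apply_mitigation() {
    systemctl stop httpd
    for f in /etc/httpd/conf.d/manageiq-remote-user-openidc.conf \
             /etc/httpd/conf.d/manageiq-remote-user.conf; do
        add_unsets "$f"
    done
    apachectl configtest
    systemctl start httpd
}

# Only run the live procedure when explicitly asked: ./mitigate.sh --apply
if [ "${1:-}" = "--apply" ]; then apply_mitigation; fi
```

Run conf_mitigated against both files afterwards to confirm the directives survived any later configuration management run.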
