cloudforms is vulnerable to information disclosure. The user passwords are stored in a recoverable format, allowing an attacker to obtain the passwords in cleartext.
access.redhat.com/errata/RHEA-2013:1487
access.redhat.com/security/cve/cve-2013-4423
access.redhat.com/site/documentation/en-US/CloudForms/3.0/html/Management_Engine_5.2_Technical_Notes/index.html
bugzilla.redhat.com/show_bug.cgi?id=1018345
bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4423
rhn.redhat.com/rhn/software/downloads/SupportedISOs.do?filter_string=CloudForms