Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to (1) database exports or (2) log files.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2016-04-11T21:00:00

Updated: 2024-08-06T07:51:28.180Z

Reserved: 2015-09-29T00:00:00

Link: CVE-2015-7502

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-04-11T21:59:08.320

Modified: 2024-11-21T02:36:53.367

Link: CVE-2015-7502

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-11-18T00:00:00Z

Links: CVE-2015-7502 - Bugzilla