A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentially sensitive information from CloudForms including data such as newly created virtual machines.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-06-12T13:39:34

Updated: 2024-08-05T19:50:16.217Z

Reserved: 2017-10-08T00:00:00

Link: CVE-2017-15123

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-12T14:29:00.243

Modified: 2024-11-21T03:14:06.980

Link: CVE-2017-15123

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-06-05T18:58:00Z

Links: CVE-2017-15123 - Bugzilla