Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-08-11T12:40:35

Updated: 2024-08-04T11:14:15.372Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10779

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-08-11T13:15:12.087

Modified: 2024-11-21T04:56:03.323

Link: CVE-2020-10779

cve-icon Redhat

Severity : Important

Publid Date: 2020-08-03T13:30:00Z

Links: CVE-2020-10779 - Bugzilla