Red Hat update for cloudforms
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2018-1101 CVE-2018-1104 CVE-2018-7750 |
| CWE-ID | CWE-264 CWE-77 CWE-592 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
CloudForms Client/Desktop applications / Multimedia software |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU12838
Risk: Low
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1101
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to write arbitrary files and gain elevated privileges on the target system.
The weakness exists in the management of system and organization administrators due to improper security restrictions. A remote attacker can reset the passwords and gain root privileges.
Install update from vendor's website.
Vulnerable software versionsCloudForms: 4.6
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2018:1328
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command injection
EUVDB-ID: #VU12839
Risk: High
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]
CVE-ID: CVE-2018-1104
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary code on the target system.
The weakness exists in user-provided extra_vars due to command injection via Jinja2 variables. A remote attacker can execute arbitrary code.
Successful exploitation of the vulnerability may result in system compromise.
Install update from vendor's website.
Vulnerable software versionsCloudForms: 4.6
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2018:1328
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Authentication bypass
EUVDB-ID: #VU11130
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2018-7750
CWE-ID:
CWE-592 - Authentication Bypass Issues
Exploit availability: Yes
DescriptionThe vulnerability allows a remote unauthenticated attacker to bypass authentication.
The weakness exists is due to improper security restrictions. A remote attacker can use a customized SSH client, bypass authentication and gain unauthorized access to resources on the target systemю
Install update from vendor's website.
Vulnerable software versionsCloudForms: 4.6
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2018:1328
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
