cnvd - cnvd-2018-07049

CNVD-2018-07049

Vulnerability from cnvd - Published: 2018-04-04

Title

Red Hat CloudForms Management Engine设计漏洞

Description

Red Hat CloudForms Management Engine（CFME）是美国红帽（Red Hat）公司的一个IaaS（基础设施即服务）云服务解决方案的管理引擎。 Red Hat CFME中的CloudForms账户配置存在安全漏洞。攻击者可利用该漏洞查看和更改VMRC和虚拟机中的设置。

Severity

高

Patch Name

Red Hat CloudForms Management Engine设计漏洞的补丁

Patch Description

Red Hat CloudForms Management Engine（CFME）是美国红帽（Red Hat）公司的一个IaaS（基础设施即服务）云服务解决方案的管理引擎。 Red Hat CFME中的CloudForms账户配置存在安全漏洞。攻击者可利用该漏洞查看和更改VMRC和虚拟机中的设置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://access.redhat.com/errata/RHSA-2018:0374

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=1500517

Impacted products

Name
Red Hat CloudForms Management Engine

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12191",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12191"
    }
  },
  "description": "Red Hat CloudForms Management Engine\uff08CFME\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u4e2aIaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u4e91\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u7684\u7ba1\u7406\u5f15\u64ce\u3002\r\n\r\nRed Hat CFME\u4e2d\u7684CloudForms\u8d26\u6237\u914d\u7f6e\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u770b\u548c\u66f4\u6539VMRC\u548c\u865a\u62df\u673a\u4e2d\u7684\u8bbe\u7f6e\u3002",
  "discovererName": "unknown",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://access.redhat.com/errata/RHSA-2018:0374",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-07049",
  "openTime": "2018-04-04",
  "patchDescription": "Red Hat CloudForms Management Engine\uff08CFME\uff09\u662f\u7f8e\u56fd\u7ea2\u5e3d\uff08Red Hat\uff09\u516c\u53f8\u7684\u4e00\u4e2aIaaS\uff08\u57fa\u7840\u8bbe\u65bd\u5373\u670d\u52a1\uff09\u4e91\u670d\u52a1\u89e3\u51b3\u65b9\u6848\u7684\u7ba1\u7406\u5f15\u64ce\u3002\r\n\r\nRed Hat CFME\u4e2d\u7684CloudForms\u8d26\u6237\u914d\u7f6e\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u67e5\u770b\u548c\u66f4\u6539VMRC\u548c\u865a\u62df\u673a\u4e2d\u7684\u8bbe\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Red Hat CloudForms Management Engine\u8bbe\u8ba1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Red Hat CloudForms Management Engine"
  },
  "referenceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=1500517",
  "serverity": "\u9ad8",
  "submitTime": "2018-03-14",
  "title": "Red Hat CloudForms Management Engine\u8bbe\u8ba1\u6f0f\u6d1e"
}

CVE-2017-12191 (GCVE-0-2017-12191)

Vulnerability from cvelistv5 – Published: 2018-02-28 13:00 – Updated: 2024-08-05 18:28

Summary

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to.

Severity ?

No CVSS data available.

CWE

CWE-284 - Improper Access Control (CWE-284)

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2018:0374	vendor-advisoryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1500517	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Red Hat, Inc.	CloudForms	Affected: Through 5.9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.718Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:0374",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0374"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500517"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CloudForms",
          "vendor": "Red Hat, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Through 5.9"
            }
          ]
        }
      ],
      "datePublic": "2018-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this account). An attacker could use this vulnerability to view and make changes to settings in the VMRC and virtual machines controlled by it that they should not have access to."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper Access Control (CWE-284)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-01T10:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2018:0374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0374"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500517"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-12191",
    "datePublished": "2018-02-28T13:00:00Z",
    "dateReserved": "2017-08-01T00:00:00",
    "dateUpdated": "2024-08-05T18:28:16.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-07049

CVE-2017-12191 (GCVE-0-2017-12191)

Tags

Sightings

Nomenclature