Descrição
A flaw was found in the CloudForms web interface, versions 5.8 – 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. An attacker could use this flaw to view potentially sensitive information from CloudForms including data such as newly created virtual machines.
Software
Não informado
Tipo Software
Core
CVE
CVE-2017-15123
Tags
Nâo informado
Data de publicação
12/06/2019
Última atualização
24/02/2022
Pontuação em CVSS 3.0
5.3
Médio