exploitDog

GHSA-2499-9m7g-hrw5

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.

A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.

Ссылки

EPSS

Процентиль: 55%

0.00328

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2016-7047

CVSS3: 4.3

redhat

больше 8 лет назад

A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.

CVE-2016-7047

CVSS3: 4.3

nvd

больше 7 лет назад

A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.

EPSS

Процентиль: 55%

0.00328

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200