Описание
The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-862
https://bugzilla.redhat.com/show_bug.cgi?id=1064556CFME: multiple authorization bypass vulnerabilities in CatalogController
EPSS
Процентиль: 69%
0.00619
Низкий
4 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.
github
больше 3 лет назад
The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.
EPSS
Процентиль: 69%
0.00619
Низкий
4 Medium
CVSS2