Required CVE Record Information
Description
Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to (1) database exports or (2) log files.
References 3 Total
- access.redhat.com: RHSA-2015:2551 vendor-advisory
- rhn.redhat.com: RHSA-2015:2620 vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1283019
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 3 Total
- access.redhat.com: RHSA-2015:2551 vendor-advisoryx_transferred
- rhn.redhat.com: RHSA-2015:2620 vendor-advisoryx_transferred
- https://bugzilla.redhat.com/show_bug.cgi?id=1283019 x_transferred