{"containers": {"cna": {"affected": [{"product": "CFME", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "5.6.2.2"}, {"status": "affected", "version": "5.7.0.7"}]}], "datePublic": "2016-10-20T00:00:00", "descriptions": [{"lang": "en", "value": "It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-09-11T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2016:2091", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2091.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-7071", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CFME", "version": {"version_data": [{"version_value": "5.6.2.2"}, {"version_value": "5.7.0.7"}]}}]}, "vendor_name": "Red Hat"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM."}]}, "impact": {"cvss": [[{"vectorString": "8.8/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}], [{"vectorString": "9.0/AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-285"}]}]}, "references": {"reference_data": [{"name": "RHSA-2016:2091", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2091.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:47.480Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2016:2091", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2091.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-7071", "datePublished": "2018-09-10T15:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.480Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:cloudforms_management_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2800A49-1AE4-44D7-9339-C1FFB4E17DD6", "versionEndExcluding": "5.6.2.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:cloudforms_management_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "473DECCF-ADEC-4664-8F08-569972BC93CF", "versionEndExcluding": "5.7.0.7", "versionStartIncluding": "5.7.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:cloudforms:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF303B35-7EBD-44D3-90FB-2B6295FCEB86", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM."}, {"lang": "es", "value": "Se ha descubierto que CloudForms en versiones anteriores a la 5.6.2.2 y versiones 5.7.0.7 no aplic\u00f3 correctamente controles de permisos a los ID de las m\u00e1quinas virtuales pasados por los usuarios. Un atacante autenticado remoto podr\u00eda emplear este error para ejecutar m\u00e1quinas virtuales en sistemas gestionados por CloudForms si conoce el ID de la m\u00e1quina"}], "id": "CVE-2016-7071", "lastModified": "2024-11-21T02:57:24.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-10T15:29:00.607", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2091.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2091.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7071"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2016:2091", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.6::el7", "package": "cfme-0:5.6.2.2-1.el7cf", "product_name": "CloudForms Management Engine 5.6", "release_date": "2016-10-20T00:00:00Z"}, {"advisory": "RHSA-2016:2091", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.6::el7", "package": "cfme-appliance-0:5.6.2.2-1.el7cf", "product_name": "CloudForms Management Engine 5.6", "release_date": "2016-10-20T00:00:00Z"}, {"advisory": "RHSA-2016:2091", "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.6::el7", "package": "cfme-gemset-0:5.6.2.2-1.el7cf", "product_name": "CloudForms Management Engine 5.6", "release_date": "2016-10-20T00:00:00Z"}], "bugzilla": {"description": "CFME: bypass authorization by altering VM ID", "id": "1383124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383124"}, "csaw": false, "cvss": {"cvss_base_score": "9.0", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "status": "verified"}, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-285", "details": ["It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.", "It was found that the CloudForms did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM."], "name": "CVE-2016-7071", "public_date": "2016-10-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7071\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7071"], "threat_severity": "Important"}