CVE-2016-5383

CWE-284Improper Access ControlCWE-20Improper Input Validation5 documents5 sources
Severity
8.8HIGH
EPSS
1.5%
top 19.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Cloudforms
Timeline
PublishedAug 26
Latest updateMay 17

Description

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8vfr-r3m3-8998: The web UI in Red Hat CloudForms 42022-05-17
CVEList
CVE-2016-5383: The web UI in Red Hat CloudForms 42016-08-26

📋Vendor Advisories

1
Red Hat
CloudForms: Lack of field filters on user input2016-08-18

💬Community

1
Bugzilla
CVE-2016-5383 CloudForms: Lack of field filters on user input2016-07-07
CVE-2016-5383 (HIGH CVSS 8.8) | The web UI in Red Hat CloudForms 4. | cvebase.io