CVE-2016-7047
published 2018-09-11CVE-2016-7047: A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could…
medium4.3CVSS 3.0
AVNACLPRLUINSUCLINAN
A flaw was found in the CloudForms API before 5.6.3.0, 5.7.3.1 and 5.8.1.2. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | cfme | — | — |
| red_hat | cfme | — | — |
| red_hat | cfme | — | — |
| redhat | cloudforms | — | — |
| redhat | cloudforms | — | — |
| redhat | cloudforms_management_engine | >= 5.6 < 5.6.3.0 | 5.6.3.0 |
| redhat | cloudforms_management_engine | >= 5.7 < 5.7.3.1 | 5.7.3.1 |
| redhat | cloudforms_management_engine | >= 5.8 < 5.8.1.2 | 5.8.1.2 |