CVE-2020-14296
published 2020-08-11CVE-2020-14296: Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan…
high7.1CVSS 3.1
AVNACLPRLUINSUCHILAN
Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | cloudforms_management_engine | — | — |
| redhat | cloudforms_management_engine | — | — |
| redhat | cloudforms_management_engine | — | — |