CVE-2016-4471
First published: Mon May 30 2016(Updated: )
It was found that attacker having the access to appliance filesystem is able to execute arbitrary code under the same privileges as appliance runs. This issue is present since upstream commit f077196c99feb874e5cba8b93c1f8dfe26421c1b. Upstream patch: <a href="https://github.com/ManageIQ/manageiq/pull/7856">https://github.com/ManageIQ/manageiq/pull/7856</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Cloudforms | <=4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/author
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-4471
- vendor/redhat
- canonical/redhat cloudforms
- version/redhat cloudforms/4.0