CVE-2017-7497
First published: Thu May 11 2017(Updated: )
Gellert Kis of Red Hat reports: Dialog for creating cloud volumes (cinder provider) does not filter cloud tenants for user. In this way users can create storage volumes in any tenant. Not only in their own tenant. This currently affects CFME 5.7.2 and 5.8.0.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Cloudforms Management Engine | =5.7.2 | |
| Redhat Cloudforms Management Engine | =5.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/redhat-bugzilla
- alias/CVE-2017-7497
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/tags
- agent/event
- vendor/redhat
- canonical/redhat cloudforms management engine
- version/redhat cloudforms management engine/5.7.2
- version/redhat cloudforms management engine/5.8.0