CVE-2012-5603

Description

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.

CVSS Version 2.0

nvd
CVE ID: CVE-2012-5603
Base Score: 5.5
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:S/C:P/I:P/A:N

Refrence: NVD

Description​

Description