Red Hat: RHSA-2020-3358 Moderate: CloudForms 5.11 Bug Fix Update
red hat
August 6, 2020
An update is now available for CloudForms Management Engine 5.11
Solution
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
If the postgresql service is running, it will be automatically restarted
after installing this update. After installing the updated packages, the
httpd daemon will be restarted automatically.
Summary
Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.
Security Fix(es):
* cfme: CloudForms: CSV Injection in Orchestration Templates
(CVE-2020-10780)
* cfme: CloudForms: Server-Side Request Forgery (SSRF) in Ansible Tower
Provider (CVE-2020-14296)
* cfme: CloudForms: Out-of-band OS Command Injection through conversion
host (CVE-2020-14324)
* cfme: CloudForms: User Impersonation in the API for OIDC and SAML
(CVE-2020-14325)
* cfme-gemset: CloudForms: Cross Site Scripting in report menu title / HTML
Code Injection (CVE-2020-10777)
* cfme-gemset: CloudForms: Business logic bypass through widgets
(CVE-2020-10778)
* cfme-gemset: CloudForms: Missing functional level access control & IDOR
lead to compromise (CVE-2020-10779)
* cfme-gemset: CloudForms: Missing access control leads to escalation of
admin group privileges (CVE-2020-10783)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Red Hat would like to thank Purnachand Pulahari (IBM) and Ranjit Kumar
Singh (IBM) for reporting CVE-2020-10777, CVE-2020-10778, CVE-2020-10779,
CVE-2020-10780, CVE-2020-10783, CVE-2020-14296 and CVE-2020-14324.
CVE-2020-14325 was discovered by Alberto Bellotti (Red Hat).
Additional Changes:
This update fixes various bugs and adds enhancements. Documentation for
these changes is available from the Release Notes document linked to in the
References section.
References
https://access.redhat.com/security/cve/CVE-2020-10777 https://access.redhat.com/security/cve/CVE-2020-10778 https://access.redhat.com/security/cve/CVE-2020-10779 https://access.redhat.com/security/cve/CVE-2020-10780 https://access.redhat.com/security/cve/CVE-2020-10783 https://access.redhat.com/security/cve/CVE-2020-14296 https://access.redhat.com/security/cve/CVE-2020-14324 https://access.redhat.com/security/cve/CVE-2020-14325 https://access.redhat.com/security/updates/classification#critical
Package List
CloudForms Management Engine 5.11:
Source:
cfme-5.11.7.3-1.el8cf.src.rpm
cfme-amazon-smartstate-5.11.7.3-1.el8cf.src.rpm
cfme-appliance-5.11.7.3-1.el8cf.src.rpm
cfme-gemset-5.11.7.3-1.el8cf.src.rpm
v2v-conversion-host-1.16.2-3.el8ev.src.rpm
noarch:
v2v-conversion-host-ansible-1.16.2-3.el8ev.noarch.rpm
x86_64:
cfme-5.11.7.3-1.el8cf.x86_64.rpm
cfme-amazon-smartstate-5.11.7.3-1.el8cf.x86_64.rpm
cfme-appliance-5.11.7.3-1.el8cf.x86_64.rpm
cfme-appliance-common-5.11.7.3-1.el8cf.x86_64.rpm
cfme-appliance-tools-5.11.7.3-1.el8cf.x86_64.rpm
cfme-gemset-5.11.7.3-1.el8cf.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Advisory ID: RHSA-2020:3358-01
Product: Red Hat CloudForms
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3358
Issue date: 2020-08-06
Cross references: RHSA-2020:2480
Topic
An update is now available for CloudForms Management Engine 5.11.Red Hat Product Security has rated this update as having a security impactof Critical. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.
Relevant Releases Architectures
CloudForms Management Engine 5.11 - noarch, x86_64
Bugs Fixed
1671330 - [RFE] Support for disk resize on RHV
1713212 - In service order page it show the default value even though its not selected in dialog
1734629 - [RFE] set_stats - Support object update using playbook set_stats naming convention
1734630 - [RFE] set_stats - Support setting service_var from set_stats with naming convention
1741310 - "Add a provider" button for Ansible Tower provider disappears after clicking item in accordion
1753586 - Imported System Domains can not be deleted in CloudForms
1757128 - [RFE] Support Events from Service Telemetry Framework in OSP 16.1
1770197 - Upload custom image for service catalog items via API fails.
1809033 - [RFE] Create virt-v2v-wrapper state file as early as possible
1810040 - Migration progress status in virt-v2v-wrapper.log gets skipped
1810477 - The UI to create an embedded Ansible service allows for invalid combinations of options
1826410 - Build of rugged doesn't allow for SSH auth
1832278 - remove public pool while configuring NTP settings
1834219 - Unable to edit service dialogs
1836125 - User not able to view Ansible Service task output after upgrade to 5.0
1836158 - the url setting for ui is nil in central region if set to https in a sub region
1837993 - [RFE] Ability to order a request based on the previous one.
1838704 - [RFE] Add ability to select all the projects under a specific tenant while creating a Catalog item
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!