CVE-2017-7528 in CloudForms Management Engineinformación

Resumen

por MITRE

Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF Injection. It was found that X-Forwarded-For header allows internal servers to deploy other systems (using callback).

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Red Hat, Inc.

Reservar

2017-04-05

Divulgación

2018-08-22

Moderación

aceptado

Artículo

VDB-123134

CPE

listo

CWE

CWE-93 (confirmado)

CVSS

6.5 (NVD)

EPSS

0.00144

KEV

Actividades

muy bajo

Sector

Government, Hostingprovider, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7528
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7528
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7528/

◂ Anterior Visión De Conjunto Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!