Improper Permissions Check in Katello Proxies Controller

Improper Permissions Check in Katello Proxies Controller

CVE-2012-5603 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:N

proxies_controller.rb in Katello in Red Hat CloudForms before 1.1 does not properly check permissions, which allows remote authenticated users to read consumer certificates or change arbitrary users' settings via unspecified vectors related to the "consumer UUID" of a system.

Learn more about our Cloud Audit.