CVE-2020-14296

Summary

Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.

Affected Software

VendorProductVersion RangeStatus
n/aCloudForms4.7 and 5affected

Weaknesses

  • Server-Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References