CVE-2019-10159 vulnerability in Red Hat Products
Published on June 14, 2019
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to an improper authorization in the migration log controller. An attacker with access to an unprivileged user can access all VM migration logs available.
Weakness Type
What is an AuthZ Vulnerability?
The software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CVE-2019-10159 has been classified to as an AuthZ vulnerability or weakness.
Products Associated with CVE-2019-10159
stack.watch emails you whenever new vulnerabilities are published in Red Hat Cfme Gemset or Red Hat Cloudforms. Just hit a watch button to start following.
Affected Versions
Red Hat cfme Version 5.10.4.3 and below, 5.9.9.3 and below is affected by CVE-2019-10159Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.