CVE-2016-4457 - Cryptographic Issues vulnerability in Redhat Cloudforms Management Engine 5.7

CVSS 7.5 - HIGH

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: HIGH
  • Integrity impact: NONE
  • Availability impact: NONE

Tags: network, low complexity, redhat, CWE-310

Summary

CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate.

Vulnerable Configurations

Part         Description  Count
Application  Redhat       1

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Redhat

advisories
  • rhsa
    id: RHSA-2017:1367
  • rhsa
    id: RHSA-2017:1601
rpms
  • ansible-0:2.2.1.0-2.el7
  • ansible-tower-server-0:3.1.2-1.el7at
  • ansible-tower-setup-0:3.1.2-1.el7at
  • bubblewrap-0:0.1.7-1.el7
  • bubblewrap-debuginfo-0:0.1.7-1.el7
  • cfme-0:5.8.0.17-1.el7cf
  • cfme-appliance-0:5.8.0.17-1.el7cf
  • cfme-appliance-debuginfo-0:5.8.0.17-1.el7cf
  • cfme-debuginfo-0:5.8.0.17-1.el7cf
  • cfme-gemset-0:5.8.0.17-1.el7cf
  • erlang-0:19.0.4-1.el7at
  • erlang-debuginfo-0:19.0.4-1.el7at
  • freeipmi-0:1.5.1-2.el7cf
  • freeipmi-bmc-watchdog-0:1.5.1-2.el7cf
  • freeipmi-debuginfo-0:1.5.1-2.el7cf
  • freeipmi-devel-0:1.5.1-2.el7cf
  • freeipmi-ipmidetectd-0:1.5.1-2.el7cf
  • freeipmi-ipmiseld-0:1.5.1-2.el7cf
  • google-compute-engine-0:2.0.0-1.el7cf
  • google-config-0:2.0.0-1.el7cf
  • libtomcrypt-0:1.17-23.el7
  • libtomcrypt-debuginfo-0:1.17-23.el7
  • libtomcrypt-devel-0:1.17-23.el7
  • libtomcrypt-doc-0:1.17-23.el7
  • libtommath-0:0.42.0-4.el7
  • libtommath-debuginfo-0:0.42.0-4.el7
  • libtommath-devel-0:0.42.0-4.el7
  • libtommath-doc-0:0.42.0-4.el7
  • nginx-1:1.10.2-1.el7at
  • nginx-all-modules-1:1.10.2-1.el7at
  • nginx-debuginfo-1:1.10.2-1.el7at
  • nginx-filesystem-1:1.10.2-1.el7at
  • nginx-mod-http-geoip-1:1.10.2-1.el7at
  • nginx-mod-http-image-filter-1:1.10.2-1.el7at
  • nginx-mod-http-perl-1:1.10.2-1.el7at
  • nginx-mod-http-xslt-filter-1:1.10.2-1.el7at
  • nginx-mod-mail-1:1.10.2-1.el7at
  • nginx-mod-stream-1:1.10.2-1.el7at
  • postgresql94-0:9.4.11-2PGDG.el7at
  • postgresql94-contrib-0:9.4.11-2PGDG.el7at
  • postgresql94-debuginfo-0:9.4.11-2PGDG.el7at
  • postgresql94-devel-0:9.4.11-2PGDG.el7at
  • postgresql94-docs-0:9.4.11-2PGDG.el7at
  • postgresql94-libs-0:9.4.11-2PGDG.el7at
  • postgresql94-plperl-0:9.4.11-2PGDG.el7at
  • postgresql94-plpython-0:9.4.11-2PGDG.el7at
  • postgresql94-pltcl-0:9.4.11-2PGDG.el7at
  • postgresql94-server-0:9.4.11-2PGDG.el7at
  • postgresql94-test-0:9.4.11-2PGDG.el7at
  • prince-0:9.0r2-10.el7cf
  • python-crypto-0:2.6.1-7.el7
  • python-crypto-debuginfo-0:2.6.1-7.el7
  • python-ecdsa-0:0.11-4.el7
  • python-httplib2-0:0.9.1-2.1.el7
  • python-keyczar-0:0.71c-2.el7
  • python-meld3-0:0.6.10-1.el7
  • python-meld3-debuginfo-0:0.6.10-1.el7
  • python-paramiko-0:1.15.2-3.el7
  • python-paramiko-doc-0:1.15.2-3.el7
  • python-passlib-0:1.6.5-1.1.el7
  • rabbitmq-server-0:3.6.5-1.el7at
  • rh-postgresql95-postgresql-pglogical-0:1.2.1-1.el7cf
  • rh-postgresql95-postgresql-pglogical-debuginfo-0:1.2.1-1.el7cf
  • rh-postgresql95-repmgr-0:3.1.3-2.el7cf
  • rh-postgresql95-repmgr-debuginfo-0:3.1.3-2.el7cf
  • rh-ruby23-rubygem-bcrypt-0:3.1.10-3.el7cf
  • rh-ruby23-rubygem-bcrypt-debuginfo-0:3.1.10-3.el7cf
  • rh-ruby23-rubygem-bcrypt-doc-0:3.1.10-3.el7cf
  • rh-ruby23-rubygem-eventmachine-0:1.0.7-6.el7cf
  • rh-ruby23-rubygem-eventmachine-debuginfo-0:1.0.7-6.el7cf
  • rh-ruby23-rubygem-eventmachine-doc-0:1.0.7-6.el7cf
  • rh-ruby23-rubygem-ffi-0:1.9.8-4.el7cf
  • rh-ruby23-rubygem-ffi-debuginfo-0:1.9.8-4.el7cf
  • rh-ruby23-rubygem-ffi-doc-0:1.9.8-4.el7cf
  • rh-ruby23-rubygem-hamlit-0:2.7.2-1.el7cf
  • rh-ruby23-rubygem-hamlit-debuginfo-0:2.7.2-1.el7cf
  • rh-ruby23-rubygem-hamlit-doc-0:2.7.2-1.el7cf
  • rh-ruby23-rubygem-http_parser.rb-0:0.6.0-1.el7cf
  • rh-ruby23-rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el7cf
  • rh-ruby23-rubygem-http_parser.rb-doc-0:0.6.0-1.el7cf
  • rh-ruby23-rubygem-json-0:2.0.2-1.el7cf
  • rh-ruby23-rubygem-json-debuginfo-0:2.0.2-1.el7cf
  • rh-ruby23-rubygem-json-doc-0:2.0.2-1.el7cf
  • rh-ruby23-rubygem-linux_block_device-0:0.2.1-1.el7cf
  • rh-ruby23-rubygem-linux_block_device-debuginfo-0:0.2.1-1.el7cf
  • rh-ruby23-rubygem-linux_block_device-doc-0:0.2.1-1.el7cf
  • rh-ruby23-rubygem-memory_buffer-0:0.1.0-2.el7cf
  • rh-ruby23-rubygem-memory_buffer-debuginfo-0:0.1.0-2.el7cf
  • rh-ruby23-rubygem-memory_buffer-doc-0:0.1.0-2.el7cf
  • rh-ruby23-rubygem-net_app_manageability-0:0.1.0-3.el7cf
  • rh-ruby23-rubygem-net_app_manageability-debuginfo-0:0.1.0-3.el7cf
  • rh-ruby23-rubygem-net_app_manageability-doc-0:0.1.0-3.el7cf
  • rh-ruby23-rubygem-nio4r-0:1.2.1-1.el7cf
  • rh-ruby23-rubygem-nio4r-debuginfo-0:1.2.1-1.el7cf
  • rh-ruby23-rubygem-nio4r-doc-0:1.2.1-1.el7cf
  • rh-ruby23-rubygem-nokogiri-0:1.6.8-1.el7cf
  • rh-ruby23-rubygem-nokogiri-debuginfo-0:1.6.8-1.el7cf
  • rh-ruby23-rubygem-nokogiri-doc-0:1.6.8-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf
  • rh-ruby23-rubygem-pg-0:0.18.2-5.el7cf
  • rh-ruby23-rubygem-pg-debuginfo-0:0.18.2-5.el7cf
  • rh-ruby23-rubygem-pg-doc-0:0.18.2-5.el7cf
  • rh-ruby23-rubygem-pkg-config-0:1.1.7-1.el7cf
  • rh-ruby23-rubygem-pkg-config-doc-0:1.1.7-1.el7cf
  • rh-ruby23-rubygem-puma-0:3.3.0-1.el7cf
  • rh-ruby23-rubygem-puma-debuginfo-0:3.3.0-1.el7cf
  • rh-ruby23-rubygem-puma-doc-0:3.3.0-1.el7cf
  • rh-ruby23-rubygem-redhat_access_cfme-0:1.1.0-1.el7cf
  • rh-ruby23-rubygem-redhat_access_cfme-doc-0:1.1.0-1.el7cf
  • rh-ruby23-rubygem-redhat_access_lib-0:0.1.0-1.el7cf
  • rh-ruby23-rubygem-rugged-0:0.25.0-b10.2.el7cf
  • rh-ruby23-rubygem-rugged-debuginfo-0:0.25.0-b10.2.el7cf
  • rh-ruby23-rubygem-rugged-doc-0:0.25.0-b10.2.el7cf
  • rh-ruby23-rubygem-thin-0:1.7.0-1.el7cf
  • rh-ruby23-rubygem-thin-debuginfo-0:1.7.0-1.el7cf
  • rh-ruby23-rubygem-thin-doc-0:1.7.0-1.el7cf
  • rh-ruby23-rubygem-unf_ext-0:0.0.7.1-3.el7cf
  • rh-ruby23-rubygem-unf_ext-debuginfo-0:0.0.7.1-3.el7cf
  • rh-ruby23-rubygem-unf_ext-doc-0:0.0.7.1-3.el7cf
  • rh-ruby23-rubygem-websocket-driver-0:0.6.3-1.el7cf
  • rh-ruby23-rubygem-websocket-driver-debuginfo-0:0.6.3-1.el7cf
  • rh-ruby23-rubygem-websocket-driver-doc-0:0.6.3-1.el7cf
  • smem-0:1.4-1.el7cf
  • sshpass-0:1.06-1.el7
  • sshpass-debuginfo-0:1.06-1.el7
  • supervisor-0:3.1.3-3.el7
  • wmi-0:1.3.14-7.el7cf
  • wmi-debuginfo-0:1.3.14-7.el7cf
  • cfme-0:5.7.3.2-1.el7cf
  • cfme-appliance-0:5.7.3.2-1.el7cf
  • cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf
  • cfme-debuginfo-0:5.7.3.2-1.el7cf
  • cfme-gemset-0:5.7.3.2-1.el7cf
  • rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf
  • rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf
  • rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf
  • rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf