Red Hat CloudForms Bugs Let Remote Users Conduct Man-in-the-Middle Attacks to Spoof Servers and Obtain Authentication Information
Severity Rating: Medium
Two vulnerabilities have been identified in Red Hat CloudForms and can be exploited by remote attackers to spoof servers and obtain authentication information on vulnerable systems. The vulnerabilities reported are as follows:
· The system uses a default SSL/TLS certificate for the web server during installation. A remote user can exploit this to conduct a man-in-the-middle attack against the administrator during installation and obtain a copy of the new private key.
· The system does not verify that the server hostname matches the domain name in the certificate when using a custom certificate authority (CA). A remote user can spoof a Red Hat Virtualization (RHEV) or OpenShift system.
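The second issue is a missing hostname check: trusting a custom CA is not enough, because any certificate that CA issued would then be accepted for any host. The following is an added illustration written for this page, not Red Hat code, of the check a client must perform after the TLS handshake, with a constructed certificate dictionary in the shape returned by Python's `getpeercert()`; names such as `rhevm.example.internal` are invented.

```python
import ssl


def _dns_name_match(pattern: str, hostname: str) -> bool:
    """Match one presented DNS name against the requested hostname (RFC 6125).
    A wildcard is honoured only as the entire leftmost label and only when the
    pattern has at least three labels, so '*.com' can never cover 'example.com'."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Return True only if the peer certificate is valid for `hostname`.
    subjectAltName DNS entries are authoritative; the subject CN is consulted
    only when the certificate carries no DNS SAN at all."""
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if dns_names:
        return any(_dns_name_match(n, hostname) for n in dns_names)
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _dns_name_match(value, hostname)
    return False


def strict_context(ca_file=None) -> ssl.SSLContext:
    """Client context that trusts a custom CA bundle (or the system store when
    ca_file is None) while still requiring the peer name to match: the
    combination the advisory says CloudForms lacked for RHEV/OpenShift."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True  # ssl performs the equivalent of hostname_matches()
    return ctx


# Constructed sample, shaped like ssl.SSLSocket.getpeercert() output.
SAMPLE_CERT = {
    "subject": ((("commonName", "rhevm.example.internal"),),),
    "subjectAltName": (("DNS", "rhevm.example.internal"),
                       ("DNS", "*.lab.example.internal")),
}
```

A client that loads a custom CA but skips `hostname_matches()` (or sets `check_hostname = False`) accepts any certificate that CA ever issued, which is exactly the spoofing condition described above.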
Users are advised to apply the available updates.
More information is available on:
Red Hat Security Advisory
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street