Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-79


Red Hat CloudForms Bugs Let Remote Users Conduct Man-in-the-Middle Attacks to Spoof Servers and Obtain Authentication Information
Severity Rating: Medium
Systems Affected:
  • CloudForms Management Engine 5.8
Description
Two vulnerabilities have been identified in Red Hat CloudForms. Both concern TLS certificate handling and can be exploited by a remote attacker positioned on the network path to spoof servers and obtain authentication information from vulnerable systems. The vulnerabilities reported are as follows:

  • The system uses a default SSL/TLS certificate for the web server during installation. Because the default certificate is not specific to the installation, it gives the administrator no assurance of the server's identity, so an attacker on the network path can conduct a man-in-the-middle attack against the administrator during installation and obtain a copy of the newly generated private key.

  • The system does not verify that the server hostname matches the domain name in the certificate when using a custom certificate authority (CA). Any certificate issued by that CA is therefore accepted for any host, so a remote attacker holding such a certificate can spoof a Red Hat Virtualization (RHEV) or OpenShift system to which CloudForms connects.
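
As an added illustration of the second issue (this is not code from the advisory, from Red Hat, or from CloudForms itself), the Ruby script below builds a throwaway custom CA and two certificates issued under it, then contrasts a client check that validates only the certificate chain with one that also matches the hostname. The CA name, the hosts rhev.example.com and other-host.example.com, and the helper issue_cert are constructed for this example; the hostname matching relies on Ruby's OpenSSL::SSL.verify_certificate_identity and the SSLContext verify_hostname setting, which are part of the standard openssl library.

```ruby
require 'openssl'

# Issue an X.509 certificate. Hypothetical helper for this example only; it
# stands in for whatever custom CA an administrator might operate.
def issue_cert(cn:, key:, dns_names: [], issuer: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..(2**62))
  cert.subject = OpenSSL::X509::Name.new([['CN', cn]])
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer || cert
  if ca
    cert.add_extension(ef.create_extension('basicConstraints', 'CA:TRUE', true))
    cert.add_extension(ef.create_extension('keyUsage', 'keyCertSign,cRLSign', true))
  else
    cert.add_extension(ef.create_extension('basicConstraints', 'CA:FALSE', true))
    san = dns_names.map { |d| "DNS:#{d}" }.join(',')
    cert.add_extension(ef.create_extension('subjectAltName', san)) unless san.empty?
  end
  cert.sign(issuer_key || key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Constructed trust setup: one custom CA the administrator trusts, and two
# certificates under it: the real RHEV manager, and another host whose
# certificate an attacker has obtained (any host the same CA has issued for).
CA_KEY  = OpenSSL::PKey::RSA.new(2048)
CA_CERT = issue_cert(cn: 'Example Custom CA', key: CA_KEY, ca: true)

RHEV_KEY  = OpenSSL::PKey::RSA.new(2048)
RHEV_CERT = issue_cert(cn: 'rhev.example.com', key: RHEV_KEY,
                       dns_names: ['rhev.example.com'],
                       issuer: CA_CERT, issuer_key: CA_KEY)

OTHER_KEY  = OpenSSL::PKey::RSA.new(2048)
OTHER_CERT = issue_cert(cn: 'other-host.example.com', key: OTHER_KEY,
                        dns_names: ['other-host.example.com'],
                        issuer: CA_CERT, issuer_key: CA_KEY)

CUSTOM_STORE = OpenSSL::X509::Store.new.tap { |s| s.add_cert(CA_CERT) }

# Vulnerable pattern: only checks that the presented certificate chains to the
# trusted custom CA. Every certificate that CA ever issued passes, no matter
# which host the client meant to reach.
def accept_chain_only?(cert, store)
  store.verify(cert)
end

# Hardened pattern: chain validation plus a hostname match against the
# subjectAltName DNS entries (falling back to the CN when no SAN is present),
# as implemented by OpenSSL::SSL.verify_certificate_identity.
def accept_with_hostname?(cert, store, expected_host)
  store.verify(cert) && OpenSSL::SSL.verify_certificate_identity(cert, expected_host)
end

# The SSLContext a client should use when connecting to a provider through a
# custom CA: VERIFY_PEER covers the chain, verify_hostname covers the identity.
def provider_ssl_context(store)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.cert_store = store
  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
  ctx.verify_hostname = true
  ctx
end

if __FILE__ == $PROGRAM_NAME
  target = 'rhev.example.com'
  [RHEV_CERT, OTHER_CERT].each do |c|
    puts "#{c.subject}: chain-only=#{accept_chain_only?(c, CUSTOM_STORE)} " \
         "chain+hostname=#{accept_with_hostname?(c, CUSTOM_STORE, target)}"
  end
end
```

The chain-only check accepts other-host.example.com as rhev.example.com, which is exactly the spoofing the advisory describes; adding the hostname match rejects it while still accepting the genuine RHEV certificate. When auditing a client, confirm both that verify_mode is VERIFY_PEER and that verify_hostname is set, since a custom cert_store on its own enables only the first half of the check.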
 
Solution
Users are advised to apply the updates provided by Red Hat.
More information is available on:
 
Vendor Information
Red Hat
 
References
Security Tracker
 
Red Hat Security Advisory
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis