{"id":"RHSA-2017:3005","summary":"Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update","modified":"2026-02-20T10:01:58Z","published":"2024-09-16T00:28:23Z","upstream":["CVE-2017-11610","CVE-2017-12148"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3005"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/release_notes/index#red_hat_cloudforms_4_5_2"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1439650"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459987"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459996"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1460754"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1461061"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1465087"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1465089"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1471709"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1476143"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477194"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477616"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477701"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477702"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478367"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478372"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478379"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478391"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478398"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478400"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478406"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478407"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478409"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478415"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478418"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478421"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478428"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478429"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478434"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478435"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478506"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478508"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478510"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478513"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478515"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478523"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478526"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478527"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478529"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478532"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478535"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478542"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478544"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478554"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478557"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478558"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478560"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478562"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478563"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478565"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478568"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1478571"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479367"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479405"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479407"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479409"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479423"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479437"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479453"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479478"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479481"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479802"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479805"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479886"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479917"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479920"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479922"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479923"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479924"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479925"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479926"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479927"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479929"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479931"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479935"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479937"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479938"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479941"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479943"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479944"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479959"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479972"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479976"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479978"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479991"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479993"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1479994"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480000"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480001"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480002"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480007"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480008"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480377"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480586"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480588"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480589"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480654"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480734"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481296"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481436"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481437"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481439"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481442"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481445"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481449"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481450"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481845"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481846"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481849"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481851"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1481853"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482131"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482136"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482148"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482170"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482666"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482667"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482668"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482669"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1482670"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484373"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484374"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484385"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484424"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484539"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484548"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484608"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484613"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484895"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484901"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484904"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484956"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1484984"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1485474"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1486351"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1486474"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487283"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487320"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487689"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488967"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1489974"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1491310"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492840"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1493207"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494561"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496912"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496946"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1497746"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1497817"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1497835"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1498230"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1498556"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499868"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500049"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500051"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500053"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1502738"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3005.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-11610"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-11610"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-11610"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2017-12148"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2017-12148"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-12148"}],"affected":[{"package":{"name":"ansible-tower-server","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/ansible-tower-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.5-1.el7at"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"ansible-tower-setup","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/ansible-tower-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.5-1.el7at"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"cfme","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.2.3-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"cfme-appliance","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-appliance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.2.3-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"cfme-appliance-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-appliance-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.2.3-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"cfme-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.2.3-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"cfme-gemset","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-gemset"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.2.3-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"rabbitmq-server","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rabbitmq-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.6.9-1.el7at"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"rh-ruby23-rubygem-nokogiri","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.1-2.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"rh-ruby23-rubygem-nokogiri-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.1-2.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"rh-ruby23-rubygem-nokogiri-doc","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.8.1-2.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}},{"package":{"name":"supervisor","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/supervisor"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.4-1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2017:3005.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H"}]}