{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updates for cfme, cfme-appliance, cfme-gemset,                                                                  \nrh-ruby23-rubygem-nokogiri, and rh-ruby23-rubygem-ovirt-engine-sdk4 are now                                        \navailable for CloudForms Management Engine 5.7.                                                                   \n                                                                                                                  \nRed Hat Product Security has rated this update as having a security impact                                        \nof Important. A Common Vulnerability Scoring System (CVSS) base score,                                            \nwhich gives a detailed severity rating, is available for each vulnerability                                       \nfrom the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nrh-ruby23-rubygem-nokogiri provides Nokogiri, which is an HTML, XML, SAX,                                        \nand Reader parser.  Among Nokogiri's many features is the ability to search                                       \ndocuments using XPath or CSS3 selectors.                                                                          \n                                                                                                                  \nrh-ruby23-rubygem-ovirt-engine-sdk4 provides the ruby SDK for the oVirt                                           \nEngine API. \n\nThe following packages have been upgraded to a later upstream version: cfme                                       \n(5.7.3.2), cfme-gemset (5.7.3.2), rh-ruby23-rubygem-nokogiri (1.7.2), cfme-appliance (5.7.3.2), rh-ruby23-rubygem-ovirt-engine-sdk4 (4.1.5). (BZ#1442774, BZ#1459319)\n\nThis update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Technical Notes document linked to in the References section.\n\nSecurity Fix(es):\n\n* CloudForms includes a default SSL/TLS certificate for the web server.\nThis certificate is replaced at install time. However if an attacker were\nable to man-in-the-middle an administrator while installing the new\ncertificate, the attacker could get a copy of the uploaded private key allowing for future attacks. (CVE-2016-4457)\n\n* The dialog for creating cloud volumes (cinder provider) in CloudForms\ndoes not filter cloud tenants by user. An attacker with the ability to\ncreate storage volumes could use this to create storage volumes for any other tenant. (CVE-2017-7497)\n\n* A flaw was found in the CloudForms API. A user with permissions to use\nthe MiqReportResults capability within the API could potentially view data\nfrom other tenants or groups to which they should not have access.\n(CVE-2016-7047)\n\nThe CVE-2016-4457 and CVE-2016-7047 issues were discovered by Simon Lukasik\n(Red Hat) and the CVE-2017-7497 issue was discovered by Gellert Kis (Red\nHat).",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1601",
        "url": "https://access.redhat.com/errata/RHSA-2017:1601"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1322396",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1322396"
      },
      {
        "category": "external",
        "summary": "1341308",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341308"
      },
      {
        "category": "external",
        "summary": "1350340",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1350340"
      },
      {
        "category": "external",
        "summary": "1374215",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374215"
      },
      {
        "category": "external",
        "summary": "1402992",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402992"
      },
      {
        "category": "external",
        "summary": "1403358",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403358"
      },
      {
        "category": "external",
        "summary": "1414869",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414869"
      },
      {
        "category": "external",
        "summary": "1419604",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419604"
      },
      {
        "category": "external",
        "summary": "1428944",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428944"
      },
      {
        "category": "external",
        "summary": "1430468",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430468"
      },
      {
        "category": "external",
        "summary": "1434152",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1434152"
      },
      {
        "category": "external",
        "summary": "1434952",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1434952"
      },
      {
        "category": "external",
        "summary": "1436074",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436074"
      },
      {
        "category": "external",
        "summary": "1436222",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436222"
      },
      {
        "category": "external",
        "summary": "1436226",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436226"
      },
      {
        "category": "external",
        "summary": "1436228",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436228"
      },
      {
        "category": "external",
        "summary": "1436232",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436232"
      },
      {
        "category": "external",
        "summary": "1436233",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436233"
      },
      {
        "category": "external",
        "summary": "1436236",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436236"
      },
      {
        "category": "external",
        "summary": "1436237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436237"
      },
      {
        "category": "external",
        "summary": "1436756",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1436756"
      },
      {
        "category": "external",
        "summary": "1437146",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437146"
      },
      {
        "category": "external",
        "summary": "1437148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437148"
      },
      {
        "category": "external",
        "summary": "1437595",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437595"
      },
      {
        "category": "external",
        "summary": "1437909",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437909"
      },
      {
        "category": "external",
        "summary": "1437912",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437912"
      },
      {
        "category": "external",
        "summary": "1437925",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1437925"
      },
      {
        "category": "external",
        "summary": "1438094",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1438094"
      },
      {
        "category": "external",
        "summary": "1438866",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1438866"
      },
      {
        "category": "external",
        "summary": "1439291",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439291"
      },
      {
        "category": "external",
        "summary": "1439314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439314"
      },
      {
        "category": "external",
        "summary": "1439319",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439319"
      },
      {
        "category": "external",
        "summary": "1439789",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439789"
      },
      {
        "category": "external",
        "summary": "1439945",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439945"
      },
      {
        "category": "external",
        "summary": "1440399",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440399"
      },
      {
        "category": "external",
        "summary": "1440400",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440400"
      },
      {
        "category": "external",
        "summary": "1440401",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440401"
      },
      {
        "category": "external",
        "summary": "1440402",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440402"
      },
      {
        "category": "external",
        "summary": "1440701",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440701"
      },
      {
        "category": "external",
        "summary": "1441199",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441199"
      },
      {
        "category": "external",
        "summary": "1441202",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441202"
      },
      {
        "category": "external",
        "summary": "1441204",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441204"
      },
      {
        "category": "external",
        "summary": "1441251",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441251"
      },
      {
        "category": "external",
        "summary": "1441272",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441272"
      },
      {
        "category": "external",
        "summary": "1441293",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441293"
      },
      {
        "category": "external",
        "summary": "1441331",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441331"
      },
      {
        "category": "external",
        "summary": "1441401",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441401"
      },
      {
        "category": "external",
        "summary": "1441648",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441648"
      },
      {
        "category": "external",
        "summary": "1441727",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441727"
      },
      {
        "category": "external",
        "summary": "1441742",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441742"
      },
      {
        "category": "external",
        "summary": "1441752",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441752"
      },
      {
        "category": "external",
        "summary": "1441754",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441754"
      },
      {
        "category": "external",
        "summary": "1441855",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441855"
      },
      {
        "category": "external",
        "summary": "1442105",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442105"
      },
      {
        "category": "external",
        "summary": "1442156",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442156"
      },
      {
        "category": "external",
        "summary": "1442164",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442164"
      },
      {
        "category": "external",
        "summary": "1442169",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442169"
      },
      {
        "category": "external",
        "summary": "1442177",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442177"
      },
      {
        "category": "external",
        "summary": "1442764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442764"
      },
      {
        "category": "external",
        "summary": "1442769",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442769"
      },
      {
        "category": "external",
        "summary": "1442774",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442774"
      },
      {
        "category": "external",
        "summary": "1442865",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442865"
      },
      {
        "category": "external",
        "summary": "1442877",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1442877"
      },
      {
        "category": "external",
        "summary": "1443246",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443246"
      },
      {
        "category": "external",
        "summary": "1443248",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443248"
      },
      {
        "category": "external",
        "summary": "1443563",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443563"
      },
      {
        "category": "external",
        "summary": "1443572",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443572"
      },
      {
        "category": "external",
        "summary": "1443580",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443580"
      },
      {
        "category": "external",
        "summary": "1443697",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443697"
      },
      {
        "category": "external",
        "summary": "1443799",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443799"
      },
      {
        "category": "external",
        "summary": "1444037",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444037"
      },
      {
        "category": "external",
        "summary": "1444041",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444041"
      },
      {
        "category": "external",
        "summary": "1444052",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444052"
      },
      {
        "category": "external",
        "summary": "1444062",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444062"
      },
      {
        "category": "external",
        "summary": "1444178",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444178"
      },
      {
        "category": "external",
        "summary": "1444182",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444182"
      },
      {
        "category": "external",
        "summary": "1444214",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444214"
      },
      {
        "category": "external",
        "summary": "1444220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444220"
      },
      {
        "category": "external",
        "summary": "1444486",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444486"
      },
      {
        "category": "external",
        "summary": "1444494",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444494"
      },
      {
        "category": "external",
        "summary": "1444875",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444875"
      },
      {
        "category": "external",
        "summary": "1445318",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445318"
      },
      {
        "category": "external",
        "summary": "1445356",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445356"
      },
      {
        "category": "external",
        "summary": "1445383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445383"
      },
      {
        "category": "external",
        "summary": "1445806",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445806"
      },
      {
        "category": "external",
        "summary": "1445901",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445901"
      },
      {
        "category": "external",
        "summary": "1445902",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445902"
      },
      {
        "category": "external",
        "summary": "1446305",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446305"
      },
      {
        "category": "external",
        "summary": "1446773",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446773"
      },
      {
        "category": "external",
        "summary": "1446787",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446787"
      },
      {
        "category": "external",
        "summary": "1446791",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1446791"
      },
      {
        "category": "external",
        "summary": "1447091",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447091"
      },
      {
        "category": "external",
        "summary": "1448046",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448046"
      },
      {
        "category": "external",
        "summary": "1448073",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448073"
      },
      {
        "category": "external",
        "summary": "1448140",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448140"
      },
      {
        "category": "external",
        "summary": "1448142",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448142"
      },
      {
        "category": "external",
        "summary": "1448148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448148"
      },
      {
        "category": "external",
        "summary": "1448418",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448418"
      },
      {
        "category": "external",
        "summary": "1448421",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448421"
      },
      {
        "category": "external",
        "summary": "1448530",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448530"
      },
      {
        "category": "external",
        "summary": "1448538",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448538"
      },
      {
        "category": "external",
        "summary": "1448870",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448870"
      },
      {
        "category": "external",
        "summary": "1448872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1448872"
      },
      {
        "category": "external",
        "summary": "1449389",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449389"
      },
      {
        "category": "external",
        "summary": "1449392",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449392"
      },
      {
        "category": "external",
        "summary": "1449394",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449394"
      },
      {
        "category": "external",
        "summary": "1449396",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449396"
      },
      {
        "category": "external",
        "summary": "1449397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449397"
      },
      {
        "category": "external",
        "summary": "1449398",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449398"
      },
      {
        "category": "external",
        "summary": "1449403",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449403"
      },
      {
        "category": "external",
        "summary": "1449753",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1449753"
      },
      {
        "category": "external",
        "summary": "1450084",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450084"
      },
      {
        "category": "external",
        "summary": "1450086",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450086"
      },
      {
        "category": "external",
        "summary": "1450088",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450088"
      },
      {
        "category": "external",
        "summary": "1450150",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450150"
      },
      {
        "category": "external",
        "summary": "1450217",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450217"
      },
      {
        "category": "external",
        "summary": "1450421",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450421"
      },
      {
        "category": "external",
        "summary": "1450508",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450508"
      },
      {
        "category": "external",
        "summary": "1450511",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450511"
      },
      {
        "category": "external",
        "summary": "1450512",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450512"
      },
      {
        "category": "external",
        "summary": "1450514",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450514"
      },
      {
        "category": "external",
        "summary": "1450519",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450519"
      },
      {
        "category": "external",
        "summary": "1450525",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450525"
      },
      {
        "category": "external",
        "summary": "1450526",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450526"
      },
      {
        "category": "external",
        "summary": "1451396",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451396"
      },
      {
        "category": "external",
        "summary": "1451827",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1451827"
      },
      {
        "category": "external",
        "summary": "1452172",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452172"
      },
      {
        "category": "external",
        "summary": "1452227",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452227"
      },
      {
        "category": "external",
        "summary": "1452350",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452350"
      },
      {
        "category": "external",
        "summary": "1452363",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452363"
      },
      {
        "category": "external",
        "summary": "1452383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452383"
      },
      {
        "category": "external",
        "summary": "1452764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452764"
      },
      {
        "category": "external",
        "summary": "1452824",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1452824"
      },
      {
        "category": "external",
        "summary": "1454383",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454383"
      },
      {
        "category": "external",
        "summary": "1454442",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454442"
      },
      {
        "category": "external",
        "summary": "1454443",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454443"
      },
      {
        "category": "external",
        "summary": "1454446",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454446"
      },
      {
        "category": "external",
        "summary": "1454618",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454618"
      },
      {
        "category": "external",
        "summary": "1455302",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455302"
      },
      {
        "category": "external",
        "summary": "1455600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455600"
      },
      {
        "category": "external",
        "summary": "1455670",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455670"
      },
      {
        "category": "external",
        "summary": "1455686",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455686"
      },
      {
        "category": "external",
        "summary": "1455933",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455933"
      },
      {
        "category": "external",
        "summary": "1456021",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456021"
      },
      {
        "category": "external",
        "summary": "1457911",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457911"
      },
      {
        "category": "external",
        "summary": "1457924",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1457924"
      },
      {
        "category": "external",
        "summary": "1458810",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458810"
      },
      {
        "category": "external",
        "summary": "1458811",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458811"
      },
      {
        "category": "external",
        "summary": "1459180",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459180"
      },
      {
        "category": "external",
        "summary": "1459307",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459307"
      },
      {
        "category": "external",
        "summary": "1459319",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459319"
      },
      {
        "category": "external",
        "summary": "1459563",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459563"
      },
      {
        "category": "external",
        "summary": "1460979",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460979"
      },
      {
        "category": "external",
        "summary": "1461170",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461170"
      },
      {
        "category": "external",
        "summary": "1461540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461540"
      },
      {
        "category": "external",
        "summary": "1461886",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461886"
      },
      {
        "category": "external",
        "summary": "1463669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463669"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1601.json"
      }
    ],
    "title": "Red Hat Security Advisory: CFME 5.7.3 security, bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2026-06-30T11:34:59+00:00",
      "generator": {
        "date": "2026-06-30T11:34:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2017:1601",
      "initial_release_date": "2017-06-28T14:51:52+00:00",
      "revision_history": [
        {
          "date": "2017-06-28T14:51:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-06-28T14:51:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T11:34:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CloudForms Management Engine 5.7",
                "product": {
                  "name": "CloudForms Management Engine 5.7",
                  "product_id": "7Server-RH7-CFME-5.7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.7::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat CloudForms"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-ovirt-engine-sdk4@4.1.5-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo@4.1.5-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-debuginfo@1.7.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri@1.7.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-doc@1.7.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-0:5.7.3.2-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-0:5.7.3.2-1.el7cf.x86_64",
                  "product_id": "cfme-0:5.7.3.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme@5.7.3.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                  "product_id": "cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-debuginfo@5.7.3.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
                  "product_id": "cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance@5.7.3.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                  "product_id": "cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance-debuginfo@5.7.3.2-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
                  "product_id": "cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-gemset@5.7.3.2-1.el7cf?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
                "product": {
                  "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
                  "product_id": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-ovirt-engine-sdk4@4.1.5-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
                  "product_id": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri@1.7.2-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-0:5.7.3.2-1.el7cf.src",
                "product": {
                  "name": "cfme-0:5.7.3.2-1.el7cf.src",
                  "product_id": "cfme-0:5.7.3.2-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme@5.7.3.2-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-0:5.7.3.2-1.el7cf.src",
                "product": {
                  "name": "cfme-appliance-0:5.7.3.2-1.el7cf.src",
                  "product_id": "cfme-appliance-0:5.7.3.2-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance@5.7.3.2-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-gemset-0:5.7.3.2-1.el7cf.src",
                "product": {
                  "name": "cfme-gemset-0:5.7.3.2-1.el7cf.src",
                  "product_id": "cfme-gemset-0:5.7.3.2-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-gemset@5.7.3.2-1.el7cf?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch",
                "product": {
                  "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch",
                  "product_id": "rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-ovirt-engine-sdk4-doc@4.1.5-1.el7cf?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-0:5.7.3.2-1.el7cf.src as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src"
        },
        "product_reference": "cfme-0:5.7.3.2-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-0:5.7.3.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64"
        },
        "product_reference": "cfme-0:5.7.3.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-0:5.7.3.2-1.el7cf.src as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src"
        },
        "product_reference": "cfme-appliance-0:5.7.3.2-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-0:5.7.3.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64"
        },
        "product_reference": "cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64"
        },
        "product_reference": "cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64"
        },
        "product_reference": "cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-gemset-0:5.7.3.2-1.el7cf.src as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src"
        },
        "product_reference": "cfme-gemset-0:5.7.3.2-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-gemset-0:5.7.3.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64"
        },
        "product_reference": "cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src"
        },
        "product_reference": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch as a component of CloudForms Management Engine 5.7",
          "product_id": "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
        },
        "product_reference": "rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch",
        "relates_to_product_reference": "7Server-RH7-CFME-5.7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Lukasik"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2016-4457",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "discovery_date": "2016-05-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1341308"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time. However if an attacker were able to man-in-the-middle an administrator while installing the new certificate, the attacker could get a copy of the uploaded private key allowing for future attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "CFME: default certificate used across all installs",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-4457"
        },
        {
          "category": "external",
          "summary": "RHBZ#1341308",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341308"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-4457",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-4457"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4457",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4457"
        }
      ],
      "release_date": "2016-05-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-06-28T14:51:52+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1601"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "CFME: default certificate used across all installs"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Lukasik"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2016-7047",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2016-09-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1374215"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the CloudForms API. A user with permissions to use the MiqReportResults capability within the API could potentially view data from other tenants or groups to which they should not have access.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cfme: API leaks any MiqReportResult",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7047"
        },
        {
          "category": "external",
          "summary": "RHBZ#1374215",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1374215"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7047",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7047"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7047",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7047"
        }
      ],
      "release_date": "2017-06-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-06-28T14:51:52+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1601"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 3.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "cfme: API leaks any MiqReportResult"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Gellert Kis"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-7497",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "discovery_date": "2017-05-11T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1450150"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "CFME: Dialog for creating cloud volumes does not filter cloud tenants CVE-2017-7497",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7497"
        },
        {
          "category": "external",
          "summary": "RHBZ#1450150",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450150"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7497",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7497"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7497",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7497"
        }
      ],
      "release_date": "2017-05-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-06-28T14:51:52+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1601"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-appliance-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-appliance-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-debuginfo-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:cfme-gemset-0:5.7.3.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-nokogiri-doc-0:1.7.2-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.src",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-0:4.1.5-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.7:rh-ruby23-rubygem-ovirt-engine-sdk4-doc-0:4.1.5-1.el7cf.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "CFME: Dialog for creating cloud volumes does not filter cloud tenants CVE-2017-7497"
    }
  ]
}