{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for CloudForms Management Engine 5.8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nThe following packages have been upgraded to a later upstream version: ansible-tower (3.1.5), cfme (5.8.2.3), cfme-appliance (5.8.2.3), cfme-gemset (5.8.2.3), rabbitmq-server (3.6.9), rh-ruby23-rubygem-nokogiri (1.8.1), supervisor (3.1.4). (BZ#1476286, BZ#1485484)\n\nSecurity Fix(es):\n\n* A flaw was found in Tower's interface with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as. (CVE-2017-12148)\n\n* A vulnerability was found in the XML-RPC interface in supervisord. When processing malformed commands, an attacker can cause arbitrary shell commands to be executed on the server as the same user as supervisord. Exploitation requires the attacker to first be authenticated to the supervisord service. (CVE-2017-11610)\n\nThe CVE-2017-12148 issue was discovered by Ryan Petrello (Red Hat).\n\nAdditional Changes:\n\nThis update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:3005",
        "url": "https://access.redhat.com/errata/RHSA-2017:3005"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/release_notes/index#red_hat_cloudforms_4_5_2",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/release_notes/index#red_hat_cloudforms_4_5_2"
      },
      {
        "category": "external",
        "summary": "1439650",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1439650"
      },
      {
        "category": "external",
        "summary": "1459987",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459987"
      },
      {
        "category": "external",
        "summary": "1459996",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459996"
      },
      {
        "category": "external",
        "summary": "1460754",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460754"
      },
      {
        "category": "external",
        "summary": "1461061",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461061"
      },
      {
        "category": "external",
        "summary": "1465087",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465087"
      },
      {
        "category": "external",
        "summary": "1465089",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1465089"
      },
      {
        "category": "external",
        "summary": "1471709",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471709"
      },
      {
        "category": "external",
        "summary": "1476143",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476143"
      },
      {
        "category": "external",
        "summary": "1477194",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477194"
      },
      {
        "category": "external",
        "summary": "1477616",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477616"
      },
      {
        "category": "external",
        "summary": "1477701",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477701"
      },
      {
        "category": "external",
        "summary": "1477702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477702"
      },
      {
        "category": "external",
        "summary": "1478367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478367"
      },
      {
        "category": "external",
        "summary": "1478372",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478372"
      },
      {
        "category": "external",
        "summary": "1478379",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478379"
      },
      {
        "category": "external",
        "summary": "1478391",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478391"
      },
      {
        "category": "external",
        "summary": "1478398",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478398"
      },
      {
        "category": "external",
        "summary": "1478400",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478400"
      },
      {
        "category": "external",
        "summary": "1478406",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478406"
      },
      {
        "category": "external",
        "summary": "1478407",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478407"
      },
      {
        "category": "external",
        "summary": "1478409",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478409"
      },
      {
        "category": "external",
        "summary": "1478415",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478415"
      },
      {
        "category": "external",
        "summary": "1478418",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478418"
      },
      {
        "category": "external",
        "summary": "1478421",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478421"
      },
      {
        "category": "external",
        "summary": "1478428",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478428"
      },
      {
        "category": "external",
        "summary": "1478429",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478429"
      },
      {
        "category": "external",
        "summary": "1478434",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478434"
      },
      {
        "category": "external",
        "summary": "1478435",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478435"
      },
      {
        "category": "external",
        "summary": "1478436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478436"
      },
      {
        "category": "external",
        "summary": "1478506",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478506"
      },
      {
        "category": "external",
        "summary": "1478508",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478508"
      },
      {
        "category": "external",
        "summary": "1478510",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478510"
      },
      {
        "category": "external",
        "summary": "1478513",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478513"
      },
      {
        "category": "external",
        "summary": "1478515",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478515"
      },
      {
        "category": "external",
        "summary": "1478523",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478523"
      },
      {
        "category": "external",
        "summary": "1478526",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478526"
      },
      {
        "category": "external",
        "summary": "1478527",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478527"
      },
      {
        "category": "external",
        "summary": "1478529",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478529"
      },
      {
        "category": "external",
        "summary": "1478532",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478532"
      },
      {
        "category": "external",
        "summary": "1478535",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478535"
      },
      {
        "category": "external",
        "summary": "1478542",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478542"
      },
      {
        "category": "external",
        "summary": "1478544",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478544"
      },
      {
        "category": "external",
        "summary": "1478554",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478554"
      },
      {
        "category": "external",
        "summary": "1478557",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478557"
      },
      {
        "category": "external",
        "summary": "1478558",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478558"
      },
      {
        "category": "external",
        "summary": "1478560",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478560"
      },
      {
        "category": "external",
        "summary": "1478562",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478562"
      },
      {
        "category": "external",
        "summary": "1478563",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478563"
      },
      {
        "category": "external",
        "summary": "1478565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478565"
      },
      {
        "category": "external",
        "summary": "1478568",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478568"
      },
      {
        "category": "external",
        "summary": "1478571",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1478571"
      },
      {
        "category": "external",
        "summary": "1479367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479367"
      },
      {
        "category": "external",
        "summary": "1479405",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479405"
      },
      {
        "category": "external",
        "summary": "1479407",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479407"
      },
      {
        "category": "external",
        "summary": "1479409",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479409"
      },
      {
        "category": "external",
        "summary": "1479414",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479414"
      },
      {
        "category": "external",
        "summary": "1479423",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479423"
      },
      {
        "category": "external",
        "summary": "1479437",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479437"
      },
      {
        "category": "external",
        "summary": "1479453",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479453"
      },
      {
        "category": "external",
        "summary": "1479454",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479454"
      },
      {
        "category": "external",
        "summary": "1479478",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479478"
      },
      {
        "category": "external",
        "summary": "1479481",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479481"
      },
      {
        "category": "external",
        "summary": "1479802",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479802"
      },
      {
        "category": "external",
        "summary": "1479805",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479805"
      },
      {
        "category": "external",
        "summary": "1479886",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479886"
      },
      {
        "category": "external",
        "summary": "1479917",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479917"
      },
      {
        "category": "external",
        "summary": "1479920",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479920"
      },
      {
        "category": "external",
        "summary": "1479922",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479922"
      },
      {
        "category": "external",
        "summary": "1479923",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479923"
      },
      {
        "category": "external",
        "summary": "1479924",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479924"
      },
      {
        "category": "external",
        "summary": "1479925",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479925"
      },
      {
        "category": "external",
        "summary": "1479926",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479926"
      },
      {
        "category": "external",
        "summary": "1479927",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479927"
      },
      {
        "category": "external",
        "summary": "1479929",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479929"
      },
      {
        "category": "external",
        "summary": "1479931",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479931"
      },
      {
        "category": "external",
        "summary": "1479935",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479935"
      },
      {
        "category": "external",
        "summary": "1479937",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479937"
      },
      {
        "category": "external",
        "summary": "1479938",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479938"
      },
      {
        "category": "external",
        "summary": "1479941",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479941"
      },
      {
        "category": "external",
        "summary": "1479943",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479943"
      },
      {
        "category": "external",
        "summary": "1479944",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479944"
      },
      {
        "category": "external",
        "summary": "1479959",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479959"
      },
      {
        "category": "external",
        "summary": "1479972",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479972"
      },
      {
        "category": "external",
        "summary": "1479976",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479976"
      },
      {
        "category": "external",
        "summary": "1479978",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479978"
      },
      {
        "category": "external",
        "summary": "1479991",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479991"
      },
      {
        "category": "external",
        "summary": "1479993",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479993"
      },
      {
        "category": "external",
        "summary": "1479994",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479994"
      },
      {
        "category": "external",
        "summary": "1480000",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480000"
      },
      {
        "category": "external",
        "summary": "1480001",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480001"
      },
      {
        "category": "external",
        "summary": "1480002",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480002"
      },
      {
        "category": "external",
        "summary": "1480007",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480007"
      },
      {
        "category": "external",
        "summary": "1480008",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480008"
      },
      {
        "category": "external",
        "summary": "1480286",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480286"
      },
      {
        "category": "external",
        "summary": "1480377",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480377"
      },
      {
        "category": "external",
        "summary": "1480586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480586"
      },
      {
        "category": "external",
        "summary": "1480588",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480588"
      },
      {
        "category": "external",
        "summary": "1480589",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480589"
      },
      {
        "category": "external",
        "summary": "1480654",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480654"
      },
      {
        "category": "external",
        "summary": "1480734",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480734"
      },
      {
        "category": "external",
        "summary": "1481296",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481296"
      },
      {
        "category": "external",
        "summary": "1481436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481436"
      },
      {
        "category": "external",
        "summary": "1481437",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481437"
      },
      {
        "category": "external",
        "summary": "1481439",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481439"
      },
      {
        "category": "external",
        "summary": "1481442",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481442"
      },
      {
        "category": "external",
        "summary": "1481445",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481445"
      },
      {
        "category": "external",
        "summary": "1481449",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481449"
      },
      {
        "category": "external",
        "summary": "1481450",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481450"
      },
      {
        "category": "external",
        "summary": "1481845",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481845"
      },
      {
        "category": "external",
        "summary": "1481846",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481846"
      },
      {
        "category": "external",
        "summary": "1481849",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481849"
      },
      {
        "category": "external",
        "summary": "1481851",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481851"
      },
      {
        "category": "external",
        "summary": "1481853",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481853"
      },
      {
        "category": "external",
        "summary": "1482131",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482131"
      },
      {
        "category": "external",
        "summary": "1482136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482136"
      },
      {
        "category": "external",
        "summary": "1482148",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482148"
      },
      {
        "category": "external",
        "summary": "1482170",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482170"
      },
      {
        "category": "external",
        "summary": "1482666",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482666"
      },
      {
        "category": "external",
        "summary": "1482667",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482667"
      },
      {
        "category": "external",
        "summary": "1482668",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482668"
      },
      {
        "category": "external",
        "summary": "1482669",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482669"
      },
      {
        "category": "external",
        "summary": "1482670",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482670"
      },
      {
        "category": "external",
        "summary": "1484373",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484373"
      },
      {
        "category": "external",
        "summary": "1484374",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484374"
      },
      {
        "category": "external",
        "summary": "1484385",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484385"
      },
      {
        "category": "external",
        "summary": "1484424",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484424"
      },
      {
        "category": "external",
        "summary": "1484539",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484539"
      },
      {
        "category": "external",
        "summary": "1484548",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484548"
      },
      {
        "category": "external",
        "summary": "1484608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484608"
      },
      {
        "category": "external",
        "summary": "1484613",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484613"
      },
      {
        "category": "external",
        "summary": "1484895",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484895"
      },
      {
        "category": "external",
        "summary": "1484901",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484901"
      },
      {
        "category": "external",
        "summary": "1484904",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484904"
      },
      {
        "category": "external",
        "summary": "1484956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484956"
      },
      {
        "category": "external",
        "summary": "1484984",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484984"
      },
      {
        "category": "external",
        "summary": "1485474",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1485474"
      },
      {
        "category": "external",
        "summary": "1486351",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486351"
      },
      {
        "category": "external",
        "summary": "1486474",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486474"
      },
      {
        "category": "external",
        "summary": "1487283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487283"
      },
      {
        "category": "external",
        "summary": "1487320",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487320"
      },
      {
        "category": "external",
        "summary": "1487689",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487689"
      },
      {
        "category": "external",
        "summary": "1488967",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488967"
      },
      {
        "category": "external",
        "summary": "1489974",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489974"
      },
      {
        "category": "external",
        "summary": "1491310",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1491310"
      },
      {
        "category": "external",
        "summary": "1492840",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492840"
      },
      {
        "category": "external",
        "summary": "1493207",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493207"
      },
      {
        "category": "external",
        "summary": "1494561",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494561"
      },
      {
        "category": "external",
        "summary": "1496912",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496912"
      },
      {
        "category": "external",
        "summary": "1496946",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1496946"
      },
      {
        "category": "external",
        "summary": "1497746",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497746"
      },
      {
        "category": "external",
        "summary": "1497817",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497817"
      },
      {
        "category": "external",
        "summary": "1497835",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1497835"
      },
      {
        "category": "external",
        "summary": "1498230",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498230"
      },
      {
        "category": "external",
        "summary": "1498556",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498556"
      },
      {
        "category": "external",
        "summary": "1499868",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499868"
      },
      {
        "category": "external",
        "summary": "1500049",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500049"
      },
      {
        "category": "external",
        "summary": "1500051",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500051"
      },
      {
        "category": "external",
        "summary": "1500053",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500053"
      },
      {
        "category": "external",
        "summary": "1502738",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502738"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3005.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2026-06-30T11:41:52+00:00",
      "generator": {
        "date": "2026-06-30T11:41:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.1"
        }
      },
      "id": "RHSA-2017:3005",
      "initial_release_date": "2017-10-24T00:15:49+00:00",
      "revision_history": [
        {
          "date": "2017-10-24T00:15:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-10-24T00:15:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T11:41:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CloudForms Management Engine 5.8",
                "product": {
                  "name": "CloudForms Management Engine 5.8",
                  "product_id": "7Server-RH7-CFME-5.8",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:cloudforms_managementengine:5.8::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat CloudForms"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "ansible-tower-server-0:3.1.5-1.el7at.x86_64",
                "product": {
                  "name": "ansible-tower-server-0:3.1.5-1.el7at.x86_64",
                  "product_id": "ansible-tower-server-0:3.1.5-1.el7at.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-tower-server@3.1.5-1.el7at?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
                "product": {
                  "name": "ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
                  "product_id": "ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ansible-tower-setup@3.1.5-1.el7at?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri@1.8.1-2.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-debuginfo@1.8.1-2.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
                  "product_id": "rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri-doc@1.8.1-2.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-0:5.8.2.3-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-0:5.8.2.3-1.el7cf.x86_64",
                  "product_id": "cfme-0:5.8.2.3-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme@5.8.2.3-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                  "product_id": "cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-debuginfo@5.8.2.3-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
                  "product_id": "cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance@5.8.2.3-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                  "product_id": "cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance-debuginfo@5.8.2.3-1.el7cf?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
                "product": {
                  "name": "cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
                  "product_id": "cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-gemset@5.8.2.3-1.el7cf?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "supervisor-0:3.1.4-1.el7.src",
                "product": {
                  "name": "supervisor-0:3.1.4-1.el7.src",
                  "product_id": "supervisor-0:3.1.4-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/supervisor@3.1.4-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rabbitmq-server-0:3.6.9-1.el7at.src",
                "product": {
                  "name": "rabbitmq-server-0:3.6.9-1.el7at.src",
                  "product_id": "rabbitmq-server-0:3.6.9-1.el7at.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rabbitmq-server@3.6.9-1.el7at?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
                "product": {
                  "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
                  "product_id": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-ruby23-rubygem-nokogiri@1.8.1-2.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-0:5.8.2.3-1.el7cf.src",
                "product": {
                  "name": "cfme-0:5.8.2.3-1.el7cf.src",
                  "product_id": "cfme-0:5.8.2.3-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme@5.8.2.3-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-appliance-0:5.8.2.3-1.el7cf.src",
                "product": {
                  "name": "cfme-appliance-0:5.8.2.3-1.el7cf.src",
                  "product_id": "cfme-appliance-0:5.8.2.3-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-appliance@5.8.2.3-1.el7cf?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cfme-gemset-0:5.8.2.3-1.el7cf.src",
                "product": {
                  "name": "cfme-gemset-0:5.8.2.3-1.el7cf.src",
                  "product_id": "cfme-gemset-0:5.8.2.3-1.el7cf.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cfme-gemset@5.8.2.3-1.el7cf?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "supervisor-0:3.1.4-1.el7.noarch",
                "product": {
                  "name": "supervisor-0:3.1.4-1.el7.noarch",
                  "product_id": "supervisor-0:3.1.4-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/supervisor@3.1.4-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rabbitmq-server-0:3.6.9-1.el7at.noarch",
                "product": {
                  "name": "rabbitmq-server-0:3.6.9-1.el7at.noarch",
                  "product_id": "rabbitmq-server-0:3.6.9-1.el7at.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rabbitmq-server@3.6.9-1.el7at?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-tower-server-0:3.1.5-1.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64"
        },
        "product_reference": "ansible-tower-server-0:3.1.5-1.el7at.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ansible-tower-setup-0:3.1.5-1.el7at.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64"
        },
        "product_reference": "ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-0:5.8.2.3-1.el7cf.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src"
        },
        "product_reference": "cfme-0:5.8.2.3-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-0:5.8.2.3-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64"
        },
        "product_reference": "cfme-0:5.8.2.3-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-0:5.8.2.3-1.el7cf.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src"
        },
        "product_reference": "cfme-appliance-0:5.8.2.3-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-0:5.8.2.3-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64"
        },
        "product_reference": "cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64"
        },
        "product_reference": "cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64"
        },
        "product_reference": "cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-gemset-0:5.8.2.3-1.el7cf.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src"
        },
        "product_reference": "cfme-gemset-0:5.8.2.3-1.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cfme-gemset-0:5.8.2.3-1.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64"
        },
        "product_reference": "cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rabbitmq-server-0:3.6.9-1.el7at.noarch as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch"
        },
        "product_reference": "rabbitmq-server-0:3.6.9-1.el7at.noarch",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rabbitmq-server-0:3.6.9-1.el7at.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src"
        },
        "product_reference": "rabbitmq-server-0:3.6.9-1.el7at.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64 as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64"
        },
        "product_reference": "rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "supervisor-0:3.1.4-1.el7.noarch as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch"
        },
        "product_reference": "supervisor-0:3.1.4-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "supervisor-0:3.1.4-1.el7.src as a component of CloudForms Management Engine 5.8",
          "product_id": "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
        },
        "product_reference": "supervisor-0:3.1.4-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-CFME-5.8"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-11610",
      "cwe": {
        "id": "CWE-77",
        "name": "Improper Neutralization of Special Elements used in a Command ('Command Injection')"
      },
      "discovery_date": "2017-07-27T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1476143"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the XML-RPC interface in supervisord. When processing malformed commands, an attacker can cause arbitrary shell commands to be executed on the server as the same user as supervisord. Exploitation requires the attacker to first be authenticated to the supervisord service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "supervisor: Command injection via malicious XML-RPC request",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
          "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
          "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
          "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
          "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-11610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1476143",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476143"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-11610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-11610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11610"
        }
      ],
      "release_date": "2017-07-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-24T00:15:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3005"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "supervisor: Command injection via malicious XML-RPC request"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Ryan Petrello"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-12148",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-08-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1485474"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Tower's interface with SCM repositories. If a Tower project (SCM repository) definition does not have the 'delete before update' flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tower: modification of git hooks in SCM repo via upstream playbook execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
          "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
          "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
          "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
          "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
          "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
          "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12148"
        },
        {
          "category": "external",
          "summary": "RHBZ#1485474",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1485474"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12148",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12148"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12148",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12148"
        }
      ],
      "release_date": "2017-09-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-24T00:15:49+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3005"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-CFME-5.8:ansible-tower-server-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:ansible-tower-setup-0:3.1.5-1.el7at.x86_64",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-appliance-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-appliance-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-debuginfo-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.src",
            "7Server-RH7-CFME-5.8:cfme-gemset-0:5.8.2.3-1.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.noarch",
            "7Server-RH7-CFME-5.8:rabbitmq-server-0:3.6.9-1.el7at.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.src",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-debuginfo-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:rh-ruby23-rubygem-nokogiri-doc-0:1.8.1-2.el7cf.x86_64",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.noarch",
            "7Server-RH7-CFME-5.8:supervisor-0:3.1.4-1.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tower: modification of git hooks in SCM repo via upstream playbook execution"
    }
  ]
}