{"id":"RHSA-2018:1972","summary":"Red Hat Security Advisory: Red Hat CloudForms security, bug fix, and enhancement update","modified":"2026-03-11T07:12:30.856836Z","published":"2024-09-18T04:09:14Z","upstream":["CVE-2018-1101","CVE-2018-1104","CVE-2018-7750"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1972"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1489507"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496902"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1511030"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1526156"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531499"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532272"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533082"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535369"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1536684"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537132"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1540579"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541341"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541427"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541700"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1544488"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549626"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549723"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549833"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550116"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550276"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550715"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550729"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550732"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550737"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551627"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551693"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551697"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1551699"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552135"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552233"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552780"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552891"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552905"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553225"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553249"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553308"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553331"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553337"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553364"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553465"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553473"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1554533"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1554543"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1554900"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555487"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1556814"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1557025"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1557130"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558032"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558039"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558047"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558076"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558595"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558622"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559551"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559553"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560097"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1560693"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561077"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1562773"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1562775"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1562798"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563492"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563721"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563741"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1564264"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1564454"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565157"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565162"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565169"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565248"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565342"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565358"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565362"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565364"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565365"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565366"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565389"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565403"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565414"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565678"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565724"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565760"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565835"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1565862"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566256"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566528"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566746"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1567983"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568016"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568042"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568045"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568084"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568159"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568168"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568576"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1568603"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569079"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569100"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569104"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569118"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569127"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569171"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569179"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569230"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569237"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569241"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1570060"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1570951"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1570990"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1571311"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1572621"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1572719"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1573540"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574155"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574571"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574615"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1576101"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578575"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578853"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578866"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1581387"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583711"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583790"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1584187"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1584688"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1589834"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1972.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-1101"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-1101"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1101"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-1104"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-1104"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1104"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-7750"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-7750"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7750"}],"affected":[{"package":{"name":"ansible","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/ansible"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.4.0-1.el7ae"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"ansible-tower-server","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/ansible-tower-server"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.7-1.el7at"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"ansible-tower-setup","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/ansible-tower-setup"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.1.7-1.el7at"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"cfme","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.4.5-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"cfme-appliance","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-appliance"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.4.5-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"cfme-appliance-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-appliance-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.4.5-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"cfme-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.4.5-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"cfme-gemset","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/cfme-gemset"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:5.8.4.5-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"python-paramiko","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/python-paramiko"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"python-paramiko-doc","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/python-paramiko-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.1-4.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"rh-ruby23-rubygem-json","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-json"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"rh-ruby23-rubygem-json-debuginfo","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-json-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}},{"package":{"name":"rh-ruby23-rubygem-json-doc","ecosystem":"Red Hat:cloudforms_managementengine:5.8::el7","purl":"pkg:rpm/redhat/rh-ruby23-rubygem-json-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.1.0-1.el7cf"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1972.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}