{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_vex", "csaf_version": "2.0", "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "title": "Grinder in Red Hat CloudForms: Local users can modify cache files via world-writable permissions", "tracking": { "current_release_date": "2026-05-06T20:12:25+00:00", "generator": { "date": "2026-05-06T20:12:25+00:00", "engine": { "name": "CSAF Generator", "version": "2.0.1" } }, "id": "CVE-2012-5605", "initial_release_date": "2013-01-04T22:00:00+00:00", "revision_history": [ { "date": "2026-05-06T20:12:25+00:00", "number": "1", "summary": "Last generated version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "category": "vendor", "name": "Red Hat", "branches": [ { "category": "product_name", "name": "Red Hat CloudForms unspecified", "product": { "name": "Red Hat CloudForms unspecified", "product_id": "cfme-5::el5", "product_identification_helper": { "cpe": "cpe:/a:cloudforms_tools:1::el5" } } }, { "category": "product_name", "name": "Red Hat CloudForms unspecified", "product": { "name": "Red Hat CloudForms unspecified", "product_id": "cfme-5::el6", "product_identification_helper": { "cpe": "cpe:/a:cloudforms_systemengine:1::el6" } } }, { "category": "product_name", "name": "Red Hat CloudForms 6.0.0", "product": { "name": "Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el5", "product_identification_helper": { "cpe": "cpe:/a:cloudforms_tools:1::el5" } } }, { "category": "product_name", "name": "Red Hat CloudForms 6.0.0", "product": { "name": "Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6", "product_identification_helper": { "cpe": "cpe:/a:cloudforms_systemengine:1::el6" } } }, { "category": "product_version", "name": "candlepin", "product": { "name": "candlepin", "product_id": "candlepin-0:0.7.8.1-1.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/candlepin@0.7.8.1-1.el6cf?epoch=0" } } }, { "category": "product_version", "name": "gofer", "product": { "name": "gofer", "product_id": "gofer-0:0.66.1-2.el5", "product_identification_helper": { "purl": "pkg:rpm/redhat/gofer@0.66.1-2.el5?epoch=0" } } }, { "category": "product_version", "name": "gofer", "product": { "name": "gofer", "product_id": "gofer-0:0.66.1-2.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/gofer@0.66.1-2.el6cf?epoch=0" } } }, { "category": "product_version", "name": "grinder", "product": { "name": "grinder", "product_id": "grinder-0:0.0.150-1.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/grinder@0.0.150-1.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello", "product": { "name": "katello", "product_id": "katello-0:1.1.12-22.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello@1.1.12-22.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-agent", "product": { "name": "katello-agent", "product_id": "katello-agent-0:1.1.2-1.el5", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el5?epoch=0" } } }, { "category": "product_version", "name": "katello-agent", "product": { "name": "katello-agent", "product_id": "katello-agent-0:1.1.2-1.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-agent@1.1.2-1.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-certs-tools", "product": { "name": "katello-certs-tools", "product_id": "katello-certs-tools-0:1.1.8-1.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-certs-tools@1.1.8-1.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-cli", "product": { "name": "katello-cli", "product_id": "katello-cli-0:1.1.8-12.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-cli@1.1.8-12.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-cli-tests", "product": { "name": "katello-cli-tests", "product_id": "katello-cli-tests-0:1.1.5-2.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-cli-tests@1.1.5-2.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-configure", "product": { "name": "katello-configure", "product_id": "katello-configure-0:1.1.9-12.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-configure@1.1.9-12.el6cf?epoch=0" } } }, { "category": "product_version", "name": "katello-selinux", "product": { "name": "katello-selinux", "product_id": "katello-selinux-0:1.1.1-2.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/katello-selinux@1.1.1-2.el6cf?epoch=0" } } }, { "category": "product_version", "name": "pulp", "product": { "name": "pulp", "product_id": "pulp-0:1.1.14-1.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/pulp@1.1.14-1.el6cf?epoch=0" } } }, { "category": "product_version", "name": "quartz", "product": { "name": "quartz", "product_id": "quartz-0:2.1.5-4.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/quartz@2.1.5-4.el6cf?epoch=0" } } }, { "category": "product_version", "name": "rubygem-apipie-rails", "product": { "name": "rubygem-apipie-rails", "product_id": "rubygem-apipie-rails-0:0.0.11-3.el6cf", "product_identification_helper": { "purl": "pkg:rpm/redhat/rubygem-apipie-rails@0.0.11-3.el6cf?epoch=0" } } } ] } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:0.7.8.1-1.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:candlepin-0:0.7.8.1-1.el6cf" }, "product_reference": "candlepin-0:0.7.8.1-1.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "candlepin-0:0.7.8.1-1.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:candlepin-0:0.7.8.1-1.el6cf" }, "product_reference": "candlepin-0:0.7.8.1-1.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "gofer-0:0.66.1-2.el5 as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el5:gofer-0:0.66.1-2.el5" }, "product_reference": "gofer-0:0.66.1-2.el5", "relates_to_product_reference": "cfme-5::el5" }, { "category": "default_component_of", "full_product_name": { "name": "gofer-0:0.66.1-2.el5 as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el5:gofer-0:0.66.1-2.el5" }, "product_reference": "gofer-0:0.66.1-2.el5", "relates_to_product_reference": "cfme-6::el5" }, { "category": "default_component_of", "full_product_name": { "name": "gofer-0:0.66.1-2.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:gofer-0:0.66.1-2.el6cf" }, "product_reference": "gofer-0:0.66.1-2.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "gofer-0:0.66.1-2.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:gofer-0:0.66.1-2.el6cf" }, "product_reference": "gofer-0:0.66.1-2.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "grinder-0:0.0.150-1.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:grinder-0:0.0.150-1.el6cf" }, "product_reference": "grinder-0:0.0.150-1.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "grinder-0:0.0.150-1.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:grinder-0:0.0.150-1.el6cf" }, "product_reference": "grinder-0:0.0.150-1.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-0:1.1.12-22.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-0:1.1.12-22.el6cf" }, "product_reference": "katello-0:1.1.12-22.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-0:1.1.12-22.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-0:1.1.12-22.el6cf" }, "product_reference": "katello-0:1.1.12-22.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-agent-0:1.1.2-1.el5 as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el5:katello-agent-0:1.1.2-1.el5" }, "product_reference": "katello-agent-0:1.1.2-1.el5", "relates_to_product_reference": "cfme-6::el5" }, { "category": "default_component_of", "full_product_name": { "name": "katello-agent-0:1.1.2-1.el5 as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el5:katello-agent-0:1.1.2-1.el5" }, "product_reference": "katello-agent-0:1.1.2-1.el5", "relates_to_product_reference": "cfme-5::el5" }, { "category": "default_component_of", "full_product_name": { "name": "katello-agent-0:1.1.2-1.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-agent-0:1.1.2-1.el6cf" }, "product_reference": "katello-agent-0:1.1.2-1.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-agent-0:1.1.2-1.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-agent-0:1.1.2-1.el6cf" }, "product_reference": "katello-agent-0:1.1.2-1.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-certs-tools-0:1.1.8-1.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-certs-tools-0:1.1.8-1.el6cf" }, "product_reference": "katello-certs-tools-0:1.1.8-1.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-certs-tools-0:1.1.8-1.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-certs-tools-0:1.1.8-1.el6cf" }, "product_reference": "katello-certs-tools-0:1.1.8-1.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-cli-0:1.1.8-12.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-cli-0:1.1.8-12.el6cf" }, "product_reference": "katello-cli-0:1.1.8-12.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-cli-0:1.1.8-12.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-cli-0:1.1.8-12.el6cf" }, "product_reference": "katello-cli-0:1.1.8-12.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-cli-tests-0:1.1.5-2.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-cli-tests-0:1.1.5-2.el6cf" }, "product_reference": "katello-cli-tests-0:1.1.5-2.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-cli-tests-0:1.1.5-2.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-cli-tests-0:1.1.5-2.el6cf" }, "product_reference": "katello-cli-tests-0:1.1.5-2.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-configure-0:1.1.9-12.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-configure-0:1.1.9-12.el6cf" }, "product_reference": "katello-configure-0:1.1.9-12.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-configure-0:1.1.9-12.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-configure-0:1.1.9-12.el6cf" }, "product_reference": "katello-configure-0:1.1.9-12.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-selinux-0:1.1.1-2.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:katello-selinux-0:1.1.1-2.el6cf" }, "product_reference": "katello-selinux-0:1.1.1-2.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "katello-selinux-0:1.1.1-2.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:katello-selinux-0:1.1.1-2.el6cf" }, "product_reference": "katello-selinux-0:1.1.1-2.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "pulp-0:1.1.14-1.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:pulp-0:1.1.14-1.el6cf" }, "product_reference": "pulp-0:1.1.14-1.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "pulp-0:1.1.14-1.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:pulp-0:1.1.14-1.el6cf" }, "product_reference": "pulp-0:1.1.14-1.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:2.1.5-4.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:quartz-0:2.1.5-4.el6cf" }, "product_reference": "quartz-0:2.1.5-4.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "quartz-0:2.1.5-4.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:quartz-0:2.1.5-4.el6cf" }, "product_reference": "quartz-0:2.1.5-4.el6cf", "relates_to_product_reference": "cfme-5::el6" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-apipie-rails-0:0.0.11-3.el6cf as a component of Red Hat CloudForms 6.0.0", "product_id": "cfme-6::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" }, "product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf", "relates_to_product_reference": "cfme-6::el6" }, { "category": "default_component_of", "full_product_name": { "name": "rubygem-apipie-rails-0:0.0.11-3.el6cf as a component of Red Hat CloudForms unspecified", "product_id": "cfme-5::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" }, "product_reference": "rubygem-apipie-rails-0:0.0.11-3.el6cf", "relates_to_product_reference": "cfme-5::el6" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-5605", "cwe": { "id": "CWE-276", "name": "Incorrect Default Permissions" }, "discovery_date": "2026-04-02T15:03:00+00:00", "notes": [ { "category": "description", "text": "A flaw was found in Grinder, a component of Red Hat CloudForms. This vulnerability allows a local user to modify Grinder's cache files due to incorrect world-writable permissions set on the `/var/lib/pulp/cache/grinder/` directory. This could lead to unauthorized data tampering within the application's cache.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "cfme-5::el5:gofer-0:0.66.1-2.el5", "cfme-5::el5:katello-agent-0:1.1.2-1.el5", "cfme-5::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-5::el6:gofer-0:0.66.1-2.el6cf", "cfme-5::el6:grinder-0:0.0.150-1.el6cf", "cfme-5::el6:katello-0:1.1.12-22.el6cf", "cfme-5::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-5::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-5::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-5::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-5::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-5::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-5::el6:pulp-0:1.1.14-1.el6cf", "cfme-5::el6:quartz-0:2.1.5-4.el6cf", "cfme-5::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf", "cfme-6::el5:gofer-0:0.66.1-2.el5", "cfme-6::el5:katello-agent-0:1.1.2-1.el5", "cfme-6::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-6::el6:gofer-0:0.66.1-2.el6cf", "cfme-6::el6:grinder-0:0.0.150-1.el6cf", "cfme-6::el6:katello-0:1.1.12-22.el6cf", "cfme-6::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-6::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-6::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-6::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-6::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-6::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-6::el6:pulp-0:1.1.14-1.el6cf", "cfme-6::el6:quartz-0:2.1.5-4.el6cf", "cfme-6::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5605" }, { "category": "external", "summary": "nvd.nist.gov", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5605" }, { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5605" } ], "remediations": [ { "category": "vendor_fix", "date": "2012-12-04T19:39:59+00:00", "details": "Apply advisory RHSA-2012:1543 as per vendors instructions.", "product_ids": [ "cfme-5::el5:gofer-0:0.66.1-2.el5", "cfme-5::el5:katello-agent-0:1.1.2-1.el5", "cfme-5::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-5::el6:gofer-0:0.66.1-2.el6cf", "cfme-5::el6:grinder-0:0.0.150-1.el6cf", "cfme-5::el6:katello-0:1.1.12-22.el6cf", "cfme-5::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-5::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-5::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-5::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-5::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-5::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-5::el6:pulp-0:1.1.14-1.el6cf", "cfme-5::el6:quartz-0:2.1.5-4.el6cf", "cfme-5::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf", "cfme-6::el5:gofer-0:0.66.1-2.el5", "cfme-6::el5:katello-agent-0:1.1.2-1.el5", "cfme-6::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-6::el6:gofer-0:0.66.1-2.el6cf", "cfme-6::el6:grinder-0:0.0.150-1.el6cf", "cfme-6::el6:katello-0:1.1.12-22.el6cf", "cfme-6::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-6::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-6::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-6::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-6::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-6::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-6::el6:pulp-0:1.1.14-1.el6cf", "cfme-6::el6:quartz-0:2.1.5-4.el6cf", "cfme-6::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" ], "url": "https://access.redhat.com/errata/RHSA-2012:1543" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 3.3, "baseSeverity": "LOW" }, "products": [ "cfme-5::el5:gofer-0:0.66.1-2.el5", "cfme-5::el5:katello-agent-0:1.1.2-1.el5", "cfme-5::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-5::el6:gofer-0:0.66.1-2.el6cf", "cfme-5::el6:grinder-0:0.0.150-1.el6cf", "cfme-5::el6:katello-0:1.1.12-22.el6cf", "cfme-5::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-5::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-5::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-5::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-5::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-5::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-5::el6:pulp-0:1.1.14-1.el6cf", "cfme-5::el6:quartz-0:2.1.5-4.el6cf", "cfme-5::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf", "cfme-6::el5:gofer-0:0.66.1-2.el5", "cfme-6::el5:katello-agent-0:1.1.2-1.el5", "cfme-6::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-6::el6:gofer-0:0.66.1-2.el6cf", "cfme-6::el6:grinder-0:0.0.150-1.el6cf", "cfme-6::el6:katello-0:1.1.12-22.el6cf", "cfme-6::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-6::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-6::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-6::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-6::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-6::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-6::el6:pulp-0:1.1.14-1.el6cf", "cfme-6::el6:quartz-0:2.1.5-4.el6cf", "cfme-6::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" ] } ], "threats": [ { "category": "impact", "details": "Low", "product_ids": [ "cfme-5::el5:gofer-0:0.66.1-2.el5", "cfme-5::el5:katello-agent-0:1.1.2-1.el5", "cfme-5::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-5::el6:gofer-0:0.66.1-2.el6cf", "cfme-5::el6:grinder-0:0.0.150-1.el6cf", "cfme-5::el6:katello-0:1.1.12-22.el6cf", "cfme-5::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-5::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-5::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-5::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-5::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-5::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-5::el6:pulp-0:1.1.14-1.el6cf", "cfme-5::el6:quartz-0:2.1.5-4.el6cf", "cfme-5::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf", "cfme-6::el5:gofer-0:0.66.1-2.el5", "cfme-6::el5:katello-agent-0:1.1.2-1.el5", "cfme-6::el6:candlepin-0:0.7.8.1-1.el6cf", "cfme-6::el6:gofer-0:0.66.1-2.el6cf", "cfme-6::el6:grinder-0:0.0.150-1.el6cf", "cfme-6::el6:katello-0:1.1.12-22.el6cf", "cfme-6::el6:katello-agent-0:1.1.2-1.el6cf", "cfme-6::el6:katello-certs-tools-0:1.1.8-1.el6cf", "cfme-6::el6:katello-cli-0:1.1.8-12.el6cf", "cfme-6::el6:katello-cli-tests-0:1.1.5-2.el6cf", "cfme-6::el6:katello-configure-0:1.1.9-12.el6cf", "cfme-6::el6:katello-selinux-0:1.1.1-2.el6cf", "cfme-6::el6:pulp-0:1.1.14-1.el6cf", "cfme-6::el6:quartz-0:2.1.5-4.el6cf", "cfme-6::el6:rubygem-apipie-rails-0:0.0.11-3.el6cf" ] } ], "title": "Grinder in Red Hat CloudForms: Local users can modify cache files via world-writable permissions" } ] }