CVE-2016-5383

high

Published 2016-08-26 · Modified 2026-05-06

CVSS v3

8.8

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2

6.5

VIR risk

8.8

Description

The web UI in Red Hat CloudForms 4.1 allows remote authenticated users to execute arbitrary code via vectors involving "Lack of field filters."

Exploit likelihood

92%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://rhn.redhat.com/errata/RHSA-2016-1634.html

Vendor	Product	Versions	Fixed
redhat	cloudforms	`4.1`

CWE-284

Verify integrity in audit chain (admin only). AS-IS.