High severity8.8NVD Advisory· Published Sep 10, 2018· Updated Jun 17, 2026
CVE-2016-7071
CVE-2016-7071
Description
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users. A remote, authenticated attacker could use this flaw to execute arbitrary VMs on systems managed by CloudForms if they know the ID of the VM.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.6.2.2, <5.7.0.7
- Red Hat/CFMEv5Range: 5.6.2.2
Patches
Vulnerability mechanics
References
2- rhn.redhat.com/errata/RHSA-2016-2091.htmlnvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.