Medium severity6.5NVD Advisory· Published Jul 27, 2018· Updated Jun 17, 2026
CVE-2017-2639
CVE-2017-2639
Description
It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: n/a
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/98769nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038599nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2017:1367nvdVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.