Just a quick write-up for RedHat Cloud Form Cloud management graphical interface vulnerability (CVE-2017-15123) which affects versions 5.8, 5.9 and 5.10.
all these versions are vulnerable to broken authentication vulnerability where the RSS feed can be accessed without any authentication, RSS feeds contains many information like all new Virtual Machines created on the platform.
Example Exploit URL is.
https://XX.XX.XX.XX/alert/rss?feed=newest_hosts
