It is reported that CloudForms fails to protect potentially sensitive data stored in the backend PostgreSQL database. This is due to encrypted data being decrypted and then stashed in data structures which may be inadvertently exposed (e.g. through database log files).
This issue has been addressed in the following products: CloudForms Management Engine 5.5 Via RHSA-2015:2551 https://access.redhat.com/errata/RHSA-2015:2551
This issue has been addressed in the following products: CloudForms Management Engine 5.4 Via RHSA-2015:2620 https://rhn.redhat.com/errata/RHSA-2015-2620.html