Gellert Kis of Red Hat reports: The CloudForms VMRC plugin console grants users administrative access due to incorrect session privileges.
Acknowledgments: Name: Gellert Kis (Red Hat)
This issue has been addressed in the following products: CloudForms Management Engine 5.8 Via RHSA-2018:0374 https://access.redhat.com/errata/RHSA-2018:0374