CVE-2023-0118
Foreman: arbitrary code execution through templates
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass safe mode in templates and execute arbitrary code on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
foremanRed Hat · Red Hat Satellite 6.11 for RHEL 7Red Hat · Red Hat Satellite 6.11 for RHEL 8Red Hat · Red Hat Satellite 6.12 for RHEL 8Red Hat · Red Hat Satellite 6.13 for RHEL 8Red Hat · Red Hat Satellite 6.14 for RHEL 8Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2023:4466https://access.redhat.com/errata/RHSA-2023:5979https://access.redhat.com/errata/RHSA-2023:5980https://access.redhat.com/errata/RHSA-2023:6818https://access.redhat.com/security/cve/CVE-2023-0118https://bugzilla.redhat.com/show_bug.cgi?id=2159291