Vulnerabilities in Foreman
7 results

CVE-2017-7505 | Severity: — | EPSS 1.6% | Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assig

CVE-2014-0091 | Severity: — | EPSS 1.6% | Foreman has improper input validation which could lead to partial Denial of Service

CVE-2017-7535 | Severity: MEDIUM | EPSS 1.5% | foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user

CVE-2016-7077 | Severity: MEDIUM | EPSS 1.4% | foreman before 1.14.0 is vulnerable to an information leak. It was found that Foreman form helper does not authorize options for associated

CVE-2016-7078 | Severity: MEDIUM | EPSS 1.4% | foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned _no_

CVE-2017-2667 | Severity: — | EPSS 0.7% | Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it

CVE-2016-9595 | Severity: HIGH | EPSS 0.4% | A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit