Lucene search
HistoryAug 14, 2015 - 6:59 p.m.
CVE-2015-1844
foreman
security
bypass
organization
location
restrictions
rest api
cve-2015-1844
6.2 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
56.3%
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
Affected configurations
Node
theforemanforemanRange≤1.7.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| theforeman:foreman | theforeman foreman | le | 1.7.4 |
Related
prion
prion
Authentication flaw
2015-08-14 18:59:00
cvelist
cvelist
CVE-2015-1844
2015-08-14 18:00:00
nvd
nvd
CVE-2015-1844
2015-08-14 18:59:05
veracode
veracode
Man-In-The-Middle (MitM)
2019-05-02 05:42:16
Privilege Escalation
2019-05-02 05:42:19
Privilege Escalation
2019-05-02 05:42:26
nessus
nessus
RHEL 6 : Satellite Server (RHSA-2015:1592)
2015-09-01 00:00:00
RHEL 7 : Satellite Server (RHSA-2015:1591)
2015-09-01 00:00:00
redhat
redhat
(RHSA-2015:1592) Important: Red Hat Satellite 6.1.1 on RHEL 6
2015-08-12 04:47:35
(RHSA-2015:1591) Important: Red Hat Satellite 6.1.1 on RHEL 7
2015-08-12 04:38:51
6.2 Medium
AI Score
Confidence
Low
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
56.3%
Related for CVE-2015-1844