Lucene search
HistoryJul 31, 2013 - 1:20 p.m.
CVE-2013-2121
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.509
Percentile
97.5%
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute.
Affected configurations
Node
redhatopenstackMatch3.0
ORtheforemanforemanRange≤1.2.0rc1
ORtheforemanforemanMatch1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | openstack | 3.0 | cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:* |
| theforeman | foreman | * | cpe:2.3:a:theforeman:foreman:*:rc1:*:*:*:*:*:* |
| theforeman | foreman | 1.1 | cpe:2.3:a:theforeman:foreman:1.1:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2013-2121
2013-07-31 13:20:25
metasploit
metasploit
Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection
2013-07-16 15:07:31
packetstorm
packetstorm
Foreman (Red Hat OpenStack/Satellite) Code Injection
2013-07-23 00:00:00
zdt
zdt
Foreman (Red Hat OpenStack/Satellite) Code Injection Vulnerability
2013-07-23 00:00:00
cvelist
cvelist
CVE-2013-2121
2013-07-31 10:00:00
exploitdb
exploitdb
checkpoint_advisories
checkpoint_advisories
Foreman Red Hat OpenStack bookmarks Code Injection (CVE-2013-2121)
2013-10-06 00:00:00
prion
prion
Design/Logic Flaw
2013-07-31 13:20:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:45:55
redhat
redhat
(RHSA-2013:0995) Important: Foreman security and bug fix update
2013-06-27 00:00:00
CVSS2
6
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.509
Percentile
97.5%
Related for NVD:CVE-2013-2121