2 matches found
foreman: Foreman: Unauthorized modification of host configurations via broken access control
A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing...
guardsix ODBC Enrichment Plugins 代码问题漏洞
Guardsix ODBC Enrichment Plugins are a set of data extension plugins developed by the Danish company Guardsix. Versions of Guardsix ODBC Enrichment Plugins prior to version 5.2.1 contained code vulnerabilities. These vulnerabilities were due to logical flaws that allowed for the reuse of stored...