2 matches found
CVE-2013-2113
creationtimestamp| type| source ---|---|--- 2013-08-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27776 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/foremanopenstacksatelliteprivesc.rb 2025-02-06...
CVE-2013-2113
CVE-2013-2113 affects Foreman before 1.2.0-RC2. The vulnerability lies in the create method of app/controllers/users_controller.rb, where remote authenticated users with create_users permissions can gain privileges by either flipping the admin flag or assigning an arbitrary role. Impact is privil...