CVE-2014-0090
Affected software : Foreman prior to 1.4.2 (affects Foreman-based stacks; linked Red Hat Satellite context may apply). Vulnerability : Session fixation via the session id cookie. Impact : Remote attackers can hijack web sessions. Root cause : Session identifier handling enables fixation attacks. ...