Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1555

Malicious code in bioql PyPI...

8CVSS7.8AI score0.01031EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/26 3:34 a.m.63 views

Security Bulletin: Multiple Vulnerabilities in Multicloud Management Security Services

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Multicloud Management Security Services Vulnerability Details CVEID:CVE-2022-1705 DESCRIPTION: Golang Go is vulnerable to HTTP request smuggling, caused by a flaw with accepting of some invalid Transfer-Encoding headers in the HTTP/...

8CVSS9.9AI score0.24928EPSS
Exploits4Affected Software1
OSV
OSV
added 2022/03/24 12:0 a.m.32 views

GHSA-VVFF-6WRR-4G7Q Missing Authentication for Critical Function in Foreman Ansible

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS7.5AI score0.01031EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/03/24 12:0 a.m.43 views

Missing Authentication for Critical Function in Foreman Ansible

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS7.5AI score0.01031EPSS
Exploits0References6Affected Software1
RubySec
RubySec
added 2022/03/24 12:0 a.m.20 views

Missing Authentication for Critical Function in Foreman Ansible

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS2.6AI score0.01031EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/03/23 8:15 p.m.4 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS7.2AI score0.01031EPSS
Exploits0References2
NVD
NVD
added 2022/03/23 8:15 p.m.17 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS0.01031EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/03/23 8:15 p.m.5 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS5.5AI score0.01031EPSS
Exploits0References3
Prion
Prion
added 2022/03/23 8:15 p.m.22 views

Authorization

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

6.5CVSS7.6AI score0.01031EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/03/23 7:46 p.m.122 views

CVE-2021-3589

CVE-2021-3589 describes an authorization flaw in Foreman Ansible where an authenticated user with certain permissions to create/run Ansible jobs can bypass security and access hosts via job templates. The issue is triggered by sending a crafted request, potentially impacting confidentiality, inte...

8CVSS7.5AI score0.01031EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/03/23 7:46 p.m.22 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8AI score0.01031EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/03/23 12:0 a.m.4 views

PT-2022-10476 · Unknown · Foreman Ansible

Name of the Vulnerable Software and Affected Versions: Foreman Ansible affected versions not specified Description: An authorization flaw was found, allowing an authenticated attacker with certain permissions to create and run Ansible jobs to access hosts through job templates. This poses a threa...

8CVSS7.4AI score0.01031EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2021/06/09 10:14 a.m.74 views

CVE-2021-3589

An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

8CVSS2.9AI score0.01031EPSS
Exploits0References3
Snyk
Snyk
added 2021/05/28 1:7 p.m.2 views

Information Exposure

Overview foremanansible is an Ansible integration with Foreman. Affected versions of this package are vulnerable to Information Exposure. A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious...

6.5CVSS6.5AI score0.00768EPSS
Exploits0References2
OSV
OSV
added 2021/05/27 7:15 p.m.5 views

CVE-2020-10716

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects...

6.5CVSS6.6AI score0.00768EPSS
Exploits0References2
Rows per page
Query Builder