Lucene search
K

985 matches found

Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.6 views

PT-2026-54787

Name of the Vulnerable Software and Affected Versions Foreman affected versions not specified Description An authenticated user with host-edit permissions can exploit a cross-tenant information disclosure flaw. The issue exists because the taxonomy scope controller method fails to properly valida...

4.3CVSS5.9AI score0.00231EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.5 views

PT-2026-54785

Name of the Vulnerable Software and Affected Versions Foreman affected versions not specified Description A broken access control issue allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is performed by modifying the mat...

6.5CVSS6AI score0.00242EPSS
Exploits0References10
NVD
NVD
added 2026/06/30 11:16 a.m.6 views

CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS0.00105EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 a.m.4 views

UBUNTU-CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 9:53 a.m.37 views

CVE-2026-13316 Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS0.00105EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 9:53 a.m.6 views

EUVD-2026-40281

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 9:53 a.m.8 views

CVE-2026-13316 Foreman: ssrf to cloud metada service through unvalidated test_url parameters in foreman config

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:53 a.m.6 views

CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 9:53 a.m.17 views

CVE-2026-13316

Foreman (HTTP proxies: http_proxies_controller, http_proxy) is affected by a flaw that allows SSRF, enabling access to cloud metadata services in AWS/GCP/Azure environments via modified HTTP parameters. Root cause involves unvalidated/test_url parameters in Foreman’s configuration paths. Impact i...

4.4CVSS5.7AI score0.00105EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/30 9:52 a.m.8 views

CVE-2026-13316

A flaw has been found in foreman when HTTP parameters are modified in httpproxiescontroller and httpproxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS/GCP/Azure environment through foreman component. Mitigation Mitigation for this issue is either not availab...

4.4CVSS5.6AI score0.00105EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:17 p.m.15 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS0.00152EPSS
Exploits0References3
NVD
NVD
added 2026/06/23 9:16 p.m.7 views

CVE-2026-12112

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS0.00153EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/23 7:53 p.m.7 views

EUVD-2026-38603

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/23 7:53 p.m.5 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References4
CVE
CVE
added 2026/06/23 7:53 p.m.13 views

CVE-2026-9073

Foreman-mcp-server (MCP server) contains a log-related vulnerability that can leak sensitive credentials via log files. Two separate logging paths are involved: (1) session identifiers are logged at informational level and treated as authentication credentials, and (2) debug logging partially san...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References3Affected Software2
Vulnrichment
Vulnrichment
added 2026/06/23 7:53 p.m.8 views

CVE-2026-9073 Foreman-mcp-server: mcp server: insecure sensitive http header sanitization

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.8AI score0.00152EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/23 7:53 p.m.7 views

CVE-2026-9073

A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitive session and authentication data. One mechanism logs session identifiers, which are treated as authentication credentials, at an informational level. The other, when debug...

6.2CVSS5.7AI score0.00152EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 7:40 p.m.42 views

CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS0.00153EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/23 7:40 p.m.9 views

CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse

A flaw was found in the foreman-mcp-server. A session management vulnerability in the MCP Server allows unauthenticated attackers to hijack active administrative sessions due to an improper cache of authenticated client connections, by trusting a non-secret session ID without re-validating...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References3
CVE
CVE
added 2026/06/23 7:40 p.m.9 views

CVE-2026-12112

CVE-2026-12112 affects the foreman-mcp-server MCP Server. The issue is a session management vulnerability where an improper cache of authenticated client connections allows an unauthenticated attacker to hijack active administrative sessions by trusting a non-secret session ID without re-validati...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder