7 matches found
EUVD-2014-0244
Malware in sbrugna...
foreman: Information disclosure in provisioning template previews
A flaw was found in foreman's handling of template previews. An attacker with permissions to preview host templates can access the template preview for any host if they are able to guess the host name, disclosing potentially sensitive information...
Foreman 1.11.x < 1.11.4, 1.12.0 Information Disclosure Vulnerability
Foreman is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:theforeman:foreman";...
Moderate: Red Hat Bug Fix Advisory: Satellite 6.2.2 bug fix update
Updated Satellite 6.2 packages that fix several bugs are now available. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs...
CVE-2016-4995
Foreman before 1.11.4 and 1.12.x before 1.12.1 does not properly restrict access to preview provisioning templates, which allows remote authenticated users with permission to view some hosts to obtain sensitive host configuration information via a URL with a hostname...
Foreman: provisioning templates are world accessible
Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "spoof."...
CVE-2014-0192
Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "spoof."...