7 matches found
EUVD-2021-26791
Malware in sbrugna...
CVE-2021-3469
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority CA to sign certificate requests that have subject alternative names SANs. Foreman d...
CVE-2021-3469
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority CA to sign certificate requests that have subject alternative names SANs. Foreman d...
Authorization
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority CA to sign certificate requests that have subject alternative names SANs. Foreman d...
CVE-2021-3469
CVE-2021-3469 affects Foreman prior to 2.3.4 and prior to 2.4.0, due to an improper authorization handling flaw that lets an authenticated attacker impersonate the foreman-proxy when the Puppet CA is configured to sign certificate requests containing SANs. Foreman does not enable SANs by default,...
CVE-2021-3469
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority CA to sign certificate requests that have subject alternative names SANs. Foreman d...
PT-2021-20648 · Foreman +1 · Foreman +1
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 2.3.4 Foreman versions prior to 2.4.0 Description: The issue is related to improper authorization handling. An authenticated attacker can exploit this to impersonate the foreman-proxy if the product is configured to...