3 matches found
Improper Privilege Management
Overview: katello is a package that adds Content and Subscription Management to Foreman. Affected versions of this package are vulnerable to Improper Privilege Management due to not respecting filtering on Product Name when actions are performed via hammer using the repository id. Remediation: Upgra...
CVE-2017-2662
A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter set on the Product Name, the filter is not respected when the actions are done via hammer using the repository id...
PT-2018-7165 · Foreman · Foreman +1
Name of the Vulnerable Software and Affected Versions: Foreman's katello plugin version 3.4.5. Description: A flaw was found in Foreman's katello plugin. The issue occurs when a new role is set to allow restricted access on a repository with a filter, specifically a filter set on the Product Name...