78 matches found
EUVD-2020-6482
Malware in sbrugna...
EUVD-2014-3637
Malware in sbrugna...
EUVD-2013-0245
Malware in sbrugna...
EUVD-2014-0111
Malware in sbrugna...
EUVD-2021-26816
Malware in sbrugna...
EUVD-2014-4434
Malware in sbrugna...
EUVD-2016-4745
Malware in sbrugna...
EUVD-2012-5395
Malware in sbrugna...
CVE-2014-4507
Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. dot dot in the dst parameter to tftp/fetchbootfile...
Improper Authorization
Overview smartproxysalt is a Saltstack plug-in for Foreman's Smart Proxy. Affected versions of this package are vulnerable to Improper Authorization by allowing foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to...
CVE-2021-3456
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denia...
CVE-2021-3456
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denia...
CVE-2021-3456
CVE-2021-3456 describes an improper authorization handling flaw in Foreman, specifically in the Salt plugin for the smart-proxy, enabling an authenticated local attacker to access and delete resources and cause denial of service. The vulnerability is described across multiple sources (NVD, OSV, R...
Authorization
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a...
CVE-2021-20290
CVE-2021-20290 affects Foreman via the OpenSCAP plugin for the smart-proxy. The vulnerability is an improper authorization handling flaw that allows an authenticated local attacker to access and delete limited resources and to cause a denial of service on the Foreman server. The core issue is tha...
foreman: possible man-in-the-middle in smart_proxy realm_freeipa
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions in FreeIPA if...
CVE-2020-14335
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...
CVE-2020-14335
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...
Design/Logic Flaw
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...
CVE-2020-14335
CVE-2020-14335 describes a vulnerability in Red Hat Satellite where a privileged attacker could read OMAPI secrets via the ISC DHCP server used by Smart-Proxy, potentially gaining control of DHCP records on the network. The CVE is listed with a local attack vector and a low to moderate overall ri...