Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2022/08/26 4:15 p.m.0 views

CVE-2021-20260

A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8CVSS5.8AI score0.00033EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2022/08/26 12:0 a.m.3 views

PT-2022-9174 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman affected versions not specified Description: A flaw was found in the Foreman project, specifically in the Datacenter plugin, which exposes the password through the API to an authenticated local attacker with view hosts permission. Thi...

7.8CVSS7.3AI score0.00033EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2021/11/16 3:43 p.m.2 views

Satellite: BMC controller credential leak via API

A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

5.3CVSS5.7AI score0.00119EPSS
Exploits0References4
OSV
OSVadded 2021/02/23 11:15 p.m.0 views

CVE-2021-20256

A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

5.3CVSS6.5AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2021/02/23 12:0 a.m.1 views

PT-2021-13860 · Red Hat · Red Hat Satellite

Name of the Vulnerable Software and Affected Versions: Red Hat Satellite affected versions not specified Description: A flaw was found in Red Hat Satellite, where the BMC interface exposes the password through the API to an authenticated local attacker with view hosts permission. This poses a...

5.3CVSS5.7AI score0.00119EPSS
Exploits0References4
CNVD
CNVDadded 2016/04/12 12:0 a.m.1 views

Foreman Unauthorized Operation Vulnerability

Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman versions prior to 1.8.4 and 1.9.x prior to 1.9.1, which stems...

6CVSS6.5AI score0.00194EPSS
Exploits0References1
Prion
Prionadded 2016/04/11 9:59 p.m.13 views

Code injection

Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply viewhosts permissions, which allows 1 remote authenticated users with the viewreports permission to read reports from arbitrary hosts or 2 remote authenticated users with the destroyreports permission to delete reports from arbitra...

6CVSS6.8AI score0.00194EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder