Lucene search
+L
TheforemanForeman

77 matches found

CVE
CVE
added 2022/08/22 2:48 p.m.2049 views

CVE-2021-3590

The CVE-2021-3590 entry concerns the Foreman project, where a credential leak could expose the Azure Compute Profile password through the JSON output of the API. The described impact affects data confidentiality, integrity, and availability. There are no concrete remediation steps or exploit spec...

8.8CVSS8.6AI score0.00556EPSS
CVE
CVE
added 2022/08/26 3:25 p.m.1564 views

CVE-2021-20260

CVE-2021-20260 affects the Foreman project, specifically the Datacenter plugin, where the API exposes the password to an authenticated local attacker with the view_hosts permission. This yields potential impacts to confidentiality, integrity, and availability. The NVD entry rates it as high (CVSS...

7.8CVSS7.4AI score0.002EPSS
CVE
CVE
added 2023/09/20 1:39 p.m.259 views

CVE-2023-0118

CVE-2023-0118 : The vulnerability affects Foreman, where an admin user can bypass safe mode in templates and execute arbitrary code on the underlying OS. The documented impact is critical (CVSS v3.1 base score 9.1, all impact metrics High). Connected advisories reference Red Hat Satellite/Foreman...

9.1CVSS9.4AI score0.01382EPSS
CVE
CVE
added 2023/09/22 1:56 p.m.225 views

CVE-2022-3874

CVE-2022-3874 is a command-injection flaw in Foreman where an authenticated admin can trigger OS commands via CoreOS/Fedora CoreOS templates (ct_command and fcct_command). Root cause: command injection in template processing could lead to arbitrary code execution on the host. Exploitation details...

9.1CVSS8.8AI score0.02172EPSS
CVE
CVE
added 2023/09/20 1:40 p.m.218 views

CVE-2023-0462

CVE-2023-0462 is a Foreman-related arbitrary code execution vulnerability. The flaw allows an admin to execute arbitrary OS code by supplying a YAML payload in global parameters, enabling code execution within the Foreman/Satellite context. Connected advisories show multiple Red Hat Satellite/For...

9.1CVSS8.7AI score0.00961EPSS
CVE
CVE
added 2023/10/03 2:24 p.m.159 views

CVE-2023-4886

CVE-2023-4886 affects Foreman (reported in Red Hat Satellite advisories). The issue is a world-readable Tomcat server.xml containing candlepin keystore/truststore passwords, enabling sensitive data exposure locally. Public references indicate Foreman is the affected component and list this CVE am...

6.7CVSS5.5AI score0.00273EPSS
CVE
CVE
added 2021/12/23 7:48 p.m.103 views

CVE-2021-3584

CVE-2021-3584 is a server-side remote code execution in the Foreman project. An authenticated attacker can abuse Sendmail configuration options to overwrite defaults and perform command injection, impacting confidentiality, integrity, and availability. According to the primary sources, fixed rele...

9CVSS7.5AI score0.03885EPSS
CVE
CVE
added 2018/09/21 1:0 p.m.99 views

CVE-2018-14643

Summary : CVE-2018-14643 describes an authentication bypass flaw in the smart_proxy_dynflow component (Ruby gem) used by Foreman, enabling a remote attacker to execute arbitrary commands on managed machines in a highly privileged context. Affected software : Foreman ecosystem with the smart_proxy...

10CVSS9.6AI score0.06007EPSS
CVE
CVE
added 2021/04/26 2:13 p.m.97 views

CVE-2021-3494

CVE-2021-3494 affects the Foreman smart proxy’s FreeIPA module, where SSL certificate verification is not performed. This enables a potential Man-in-the-Middle attack if conditions are met, compromising confidentiality. Affected: Foreman/smart proxy versions before 2.5.0 (per NVD OSV notes). The ...

5.9CVSS5.8AI score0.00369EPSS
CVE
CVE
added 2021/06/03 7:43 p.m.91 views

CVE-2021-3469

CVE-2021-3469 affects Foreman prior to 2.3.4 and prior to 2.4.0, due to an improper authorization handling flaw that lets an authenticated attacker impersonate the foreman-proxy when the Puppet CA is configured to sign certificate requests containing SANs. Foreman does not enable SANs by default,...

5.4CVSS5.3AI score0.00331EPSS
CVE
CVE
added 2018/06/21 1:0 p.m.89 views

CVE-2017-2672

Foreman vulnerability CVE-2017-2672 affects Foreman prior to version 1.15, in the logging of adding and registering images. An attacker with access to the Foreman log file could view passwords for provisioned systems, enabling unauthorized access. No exploitation vector details are provided beyon...

8.8CVSS8.4AI score0.01221EPSS
CVE
CVE
added 2019/08/01 1:38 p.m.88 views

CVE-2014-8183

CVE-2014-8183 affects Foreman in Red Hat Satellite 6.x (Foreman 1.x.x before 1.15.6). The root cause is improper enforcement of access controls on certain resources via the API, allowing an attacker with API access and knowledge of a resource name to access resources in other organizations. The R...

7.4CVSS7.3AI score0.00749EPSS
CVE
CVE
added 2014/06/20 2:0 p.m.85 views

CVE-2014-0007

CVE-2014-0007 affects Foreman’s Smart-Proxy TFTP module. The Smart-Proxy before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Impact per sources indicates remote command execution; attesta...

7.5CVSS7.8AI score0.09017EPSS
Web
CVE
CVE
added 2018/08/01 1:0 p.m.85 views

CVE-2016-8639

The CVE-2016-8639 entry refers to a stored XSS vulnerability in Foreman prior to version 1.13.0, exploitable via setting an organization or location name to include arbitrary HTML/JavaScript. Affected component is Foreman’s web interface, with the underlying issue being HTML/input handling in org...

6.1CVSS5.1AI score0.0116EPSS
CVE
CVE
added 2018/04/05 9:0 p.m.85 views

CVE-2018-1096

Foreman prior to version 1.16.1 is affected by an input sanitization flaw in the id field of the dashboard controller that enables SQL injection against the back-end database. Affected component: Foreman dashboard controller (id parameter). Root cause: insufficient input sanitization leading to a...

6.5CVSS7AI score0.01378EPSS
CVE
CVE
added 2017/11/27 2:0 p.m.84 views

CVE-2017-15100

CVE-2017-15100 is a stored XSS vulnerability in Foreman triggered when a remote attacker submits facts containing HTML. The issue affects the Foreman web pages that render facts on the Facts, Trends, and Statistics views. Red Hat’s RHSA-2018:2927 (Satellite 6.4) includes this CVE among others and...

6.1CVSS6AI score0.011EPSS
CVE
CVE
added 2019/04/09 3:17 p.m.83 views

CVE-2019-3893

CVE-2019-3893 affects Foreman: the delete_compute_resource operation via the Foreman API can disclose plaintext passwords/tokens for the affected compute resource. Vulnerable are Foreman versions prior to 1.20.3, 1.21.1, and 1.22.0. A malicious user with the delete_compute_resource permission can...

4.9CVSS5.5AI score0.01861EPSS
CVE
CVE
added 2016/05/20 2:0 p.m.82 views

CVE-2016-3728

Summary: CVE-2016-3728 describes an eval-injection in Foreman’s Smart-Proxy TFTP module (tftp_api.rb) that allows an attacker to execute arbitrary code via the PATH_INFO PXE template type. Affected: Foreman/Smart-Proxy prior to 1.10.4 and 1.11.x prior to 1.11.2. Impact: remote code execution with...

8.8CVSS9AI score0.02839EPSS
Web
CVE
CVE
added 2018/04/04 9:0 p.m.82 views

CVE-2018-1097

CVE-2018-1097 affects Foreman prior to 1.16.1. The vulnerability allows users with limited permissions for powering Ovirt/RHV hosts on and off to discover the credentials (username and password) used to connect to the compute resource. Exploitation details are not provided in the connected docume...

8.8CVSS8.5AI score0.01798EPSS
CVE
CVE
added 2018/09/10 3:0 p.m.81 views

CVE-2016-7077

CVE-2016-7077 affects Foreman prior to version 1.14.0, where the form helper does not authorize options for associated objects. This information disclosure allows an unauthorized user to see the names of those objects when their count is less than six. The vulnerability is documented with CVSS sc...

4.3CVSS4.6AI score0.01366EPSS
CVE
CVE
added 2013/11/19 7:0 p.m.80 views

CVE-2013-4386

Foreman (prior to 1.2.3) contains SQL injection vulnerabilities in app/models/concerns/host_common.rb that allow remote attackers to execute arbitrary SQL via the fqdn or hostgroup parameters. This impacts Foreman versions before 1.2.3; remediation is to upgrade to 1.2.3 or later (as noted by Red...

7.5CVSS8.8AI score0.01243EPSS
CVE
CVE
added 2022/08/16 12:0 a.m.80 views

CVE-2020-10710

CVE-2020-10710 affects Red Hat Satellite components (Candlepin) where the plaintext Candlepin password can be disclosed during updates via the satellite-installer. The flaw enables an attacker with sufficiently high privileges (e.g., root) to retrieve the Candlepin plaintext password, with confid...

4.4CVSS4.6AI score0.00224EPSS
CVE
CVE
added 2015/03/09 2:0 p.m.78 views

CVE-2014-3691

Foreman/foreman-proxy is affected by CVE-2014-3691 due to failure to validate SSL certificates in SSL-enabled mode, allowing remote attackers to bypass authentication and issue arbitrary API requests without a certificate. Affected versions: Foreman prior to 1.5.4 and foreman-proxy in Foreman 1.6...

7.5CVSS7.6AI score0.01706EPSS
CVE
CVE
added 2018/04/16 2:0 p.m.78 views

CVE-2016-9593

CVE-2016-9593 affects foreman-debug; the vulnerability arises from missing obfuscation of sensitive information in logging. An attacker with access to the foreman log file could view passwords, enabling credential exposure and potential system access. Public references indicate the issue is tied ...

8.8CVSS8.3AI score0.01023EPSS
CVE
CVE
added 2013/07/31 10:0 a.m.77 views

CVE-2013-2121

Foreman (Red Hat OpenStack/Satellite) CVE-2013-2121 is an eval injection in the create action of the bookmarks controller. Before 1.2.0-RC2, remote authenticated users with bookmark-creation permissions can execute arbitrary code via a controller name attribute. Public references note code inject...

6CVSS7.5AI score0.24782EPSS
Web
CVE
CVE
added 2018/08/01 12:0 p.m.77 views

CVE-2016-8634

Affected product: Foreman 1.14.0. The stored XSS vulnerability occurs when creating an organization or location whose name contains HTML, which is rendered in the second wizard step ( /organizations/id/step2 ) in the alert box. This can lead to a stored XSS if a user navigates to that URL after c...

6.1CVSS5AI score0.01094EPSS
Web
CVE
CVE
added 2018/12/07 7:0 p.m.77 views

CVE-2018-16861

CVE-2018-16861 is a stored XSS in the Foreman component of Red Hat Satellite, exploitable when a user with privileges creates entities via Hosts, Monitor, Infrastructure, or Admin menus. The issue allows an attacker to inject scripts that run in other users’ browsers and could lead to theft of an...

7.6CVSS5AI score0.00878EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.76 views

CVE-2016-6319

CVE-2016-6319 is a cross-site scripting (XSS) vulnerability in Foreman before 1.12.2, exploitable via the label parameter in app/helpers/form_helper.rb used by Remote Execution (and possibly other plugins). The issue enables remote attackers to inject arbitrary web script or HTML, with impact des...

6.1CVSS6.2AI score0.0196EPSS
CVE
CVE
added 2018/07/31 8:0 p.m.76 views

CVE-2016-8613

CVE-2016-8613 affects Foreman 1.5.1’s remote execution plugin. The vulnerability occurs when a job submission contains HTML tags; the console output in the Foreman web UI is not escaped, allowing stored HTML/JavaScript to execute in the user’s browser. The exploit is a stored XSS due to unescaped...

6.4CVSS6AI score0.02396EPSS
CVE
CVE
added 2013/07/31 10:0 a.m.74 views

CVE-2013-2113

CVE-2013-2113 affects Foreman before 1.2.0-RC2. The vulnerability lies in the create method of app/controllers/users_controller.rb, where remote authenticated users with create_users permissions can gain privileges by either flipping the admin flag or assigning an arbitrary role. Impact is privil...

6CVSS6.7AI score0.20934EPSS
Web
CVE
CVE
added 2013/09/16 7:0 p.m.74 views

CVE-2013-4182

CVE-2013-4182 affects Foreman prior to 1.2.2, specifically the API at /api/v1/hosts handled by hosts_controller.rb, where access checks were insufficient. This allowed remote attackers to access arbitrary hosts via the API request. The publicly documented remediation is to upgrade to Foreman 1.2....

7.5CVSS6.9AI score0.02395EPSS
CVE
CVE
added 2018/09/10 3:0 p.m.74 views

CVE-2016-7078

CVE-2016-7078 : Foreman before 1.15.0 is vulnerable to an information disclosure via the organizations/locations feature. If a user is assigned no organizations/locations, they can view all resources (mirroring an administrator’s view) though their actions remain limited by their permissions. Roo...

4.3CVSS4.3AI score0.0136EPSS
CVE
CVE
added 2014/03/27 4:0 p.m.73 views

CVE-2014-0089

CVE-2014-0089 is a cross-site scripting (XSS) vulnerability in Foreman 1.4.x prior to 1.4.2, exploitable by a remote authenticated user who can inject script/HTML via the bookmark name when adding a bookmark. The root cause is exposed in app/views/common/500.html.erb, enabling arbitrary script ex...

4.3CVSS5.4AI score0.01891EPSS
CVE
CVE
added 2019/12/11 2:11 p.m.73 views

CVE-2014-0091

The connected documents confirm CVE-2014-0091 affects Foreman, with the underlying issue described as improper input validation that can cause a partial Denial of Service. The sources (NVD, Veracode) consistently report DoS due to input validation problems in Foreman. No concrete vendor/version d...

5.3CVSS5AI score0.01551EPSS
CVE
CVE
added 2015/08/14 6:0 p.m.73 views

CVE-2015-1844

CVE-2015-1844 corresponds to a Foreman/Satellite API authorization flaw: remote authenticated users could bypass organization/location restrictions via the REST API. Connected advisories (RHSA-2015:1591/1592) indicate affected Foreman components and that remediation is provided through Red Hat Sa...

4CVSS6.2AI score0.01925EPSS
CVE
CVE
added 2017/07/14 8:0 p.m.72 views

CVE-2015-5152

CVE-2015-5152 affects Foreman versions 1.1 through 1.9.0-RC1, where HTTP requests are not redirected to HTTPS when require_ssl is true, enabling a MITM to capture credentials. Root cause is lack of HTTP-to-HTTPS redirection under the require_ssl setting. Impact is credential leakage via network a...

8.1CVSS7.8AI score0.01514EPSS
CVE
CVE
added 2018/10/12 8:0 p.m.71 views

CVE-2018-14664

CVE-2018-14664 affects Foreman in versions 1.18 and earlier, where a stored cross-site scripting vulnerability exists in the breadcrumbs bar due to improperly escaped HTML. This allows a user with permission to edit which attribute is used in breadcrumbs to inject code that executes in the client...

5.4CVSS4.9AI score0.01074EPSS
CVE
CVE
added 2013/09/16 7:0 p.m.70 views

CVE-2013-4180

The CVE-2013-4180 issue affects Foreman prior to 1.2.2, where the HostController’s power and ipmi_boot actions allow remote attackers to trigger a denial-of-service via input converted to a symbol, causing memory consumption. Affected version range is Foreman

5CVSS6.9AI score0.02413EPSS
CVE
CVE
added 2017/10/16 6:0 p.m.70 views

CVE-2014-0208

CVE-2014-0208 is a Foreman XSS vulnerability in the search auto-completion, exploitable by remote authenticated users via a crafted key name in Foreman versions prior to 1.4.4. Root cause: reflected/stored XSS in the auto-complete input path (exact implementation details not provided in the docum...

5.4CVSS5AI score0.00823EPSS
CVE
CVE
added 2017/10/18 2:0 p.m.70 views

CVE-2014-3531

Foreman before 1.5.2 is affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote authenticated users to inject arbitrary web script or HTML via the operating system name or description fields. The issue is tied to user-controlled data in OS metadata, leading to potential ...

5.4CVSS5.1AI score0.0117EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.69 views

CVE-2016-6320

CVE-2016-6320 describes a Cross-Site Scripting (XSS) vulnerability in Foreman’s web UI, specifically in the file app/assets/javascripts/host_edit_interfaces.js. The issue allows remote authenticated users to inject arbitrary web script or HTML via the network interface device identifier in the ho...

5.4CVSS5.1AI score0.00936EPSS
CVE
CVE
added 2016/04/11 9:0 p.m.67 views

CVE-2015-5233

Foreman is vulnerable due to improper enforcement of the view_hosts permission in versions before 1.8.4 and 1.9.x before 1.9.1. This allows remote authenticated users with read access to reports (view_reports) to read reports from arbitrary hosts, and users with delete access (destroy_reports) to...

6CVSS4.2AI score0.01164EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.67 views

CVE-2016-4451

The CVE-2016-4451 issue affects Foreman: Organization and Locations APIs allow remote authenticated users to bypass organization and location restrictions by using knowledge of an arbitrary organization id, enabling read/modify of data for that org. Affected versions: Foreman before 1.11.3 and Fo...

6CVSS4.9AI score0.00933EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.67 views

CVE-2016-4475

The CVE-2016-4475 issue affects Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3. It allows remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors. Impact is data exposure and...

8.8CVSS8.2AI score0.02672EPSS
CVE
CVE
added 2014/05/08 2:0 p.m.65 views

CVE-2014-0090

Affected software : Foreman prior to 1.4.2 (affects Foreman-based stacks; linked Red Hat Satellite context may apply). Vulnerability : Session fixation via the session id cookie. Impact : Remote attackers can hijack web sessions. Root cause : Session identifier handling enables fixation attacks. ...

6.8CVSS6.9AI score0.01379EPSS
CVE
CVE
added 2015/08/14 6:0 p.m.65 views

CVE-2015-1816

CVE-2015-1816 affects Foreman/Foreman Proxy (Forman) before 1.7.4, where SSL certificates were not verified for LDAP connections, enabling MITM spoofing of LDAP servers via crafted certificates. Impact: potential credential exposure through LDAP authentication; base score 5.0 (Medium) per NVD. Re...

5CVSS6.2AI score0.00943EPSS
CVE
CVE
added 2016/08/19 9:0 p.m.64 views

CVE-2016-4995

Foreman is affected in versions prior to 1.11.4 and 1.12.x prior to 1.12.1. The issue is an information-disclosure vulnerability where remote authenticated users with permission to view some hosts can access sensitive host configuration data through a URL referencing a hostname, due to improper r...

5.3CVSS4.7AI score0.01083EPSS
CVE
CVE
added 2014/05/08 2:0 p.m.63 views

CVE-2014-0192

CVE-2014-0192 affects Foreman: versions 1.4.0 through 1.4.x are vulnerable. The issue is that provisioning template previews were not properly restricted, allowing remote attackers to access sensitive information via the hostname parameter (spoof-related). The primary concrete detail available fr...

5CVSS6.4AI score0.01538EPSS
CVE
CVE
added 2024/08/12 4:48 p.m.63 views

CVE-2024-7700

The CVE-2024-7700 entry concerns Foreman where the vulnerability is a command-injection flaw in the Host Init Config template via the Install Packages field on the Register Host page. The root cause is the injection into the configuration, enabling potentially arbitrary command execution during h...

6.5CVSS6.9AI score0.00783EPSS
CVE
CVE
added 2015/08/14 6:0 p.m.62 views

CVE-2015-3155

Foreman vulnerable: Foreman before 1.8.1 does not set the secure flag on the _session_id cookie in HTTPS sessions, enabling cookie capture over HTTP. Impact is partial confidentiality loss. Remediation: update to Foreman 1.8.1 or later (fixes the secure flag handling).

5CVSS6.4AI score0.02222EPSS
Total number of security vulnerabilities77