Foreman@1.15.0 Security Vulnerabilities and Issues — Foreman@1.15.0 CVE List

Lucene search

TheforemanForeman1.15.0

3 matches found

CVE•added 2018/09/10 3:29 p.m.•53 views

CVE-2016-7078

foreman before version 1.15.0 is vulnerable to an information leak through organizations and locations feature. When a user is assigned no organizations/locations, they are able to view all resources instead of none (mirroring an administrator's view). The user's actions are still limited by their ...

4.3CVSS4.3AI score0.00248EPSS

CVE•added 2017/05/26 4:29 p.m.•42 views

CVE-2017-7505

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users with user management permission who are assigned to some organization(s) can do all operations granted by these permissions on all administrator user object outside of their scope, such as editing global ...

8.8CVSS8.6AI score0.00308EPSS

CVE•added 2017/09/25 5:29 p.m.•39 views

CVE-2015-5282

Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after.

6.1CVSS6.1AI score0.00433EPSS