Privilege Escalations

2019-01-1508:55:24

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.111 Low

EPSS

Percentile

95.2%

JSON

foreman is vulnerable to privilege escalation attacks. The vulnerability exists as the create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.

CPENameOperatorVersion
ruby193-foreman-proxyeq1.1.10001__3.el6ost
ruby193-rubygem-mysqleq2.8.1__3.el6ost
ruby193-rubygem-fogeq1.10.1__10.el6ost
ruby193-rubygem-safemodeeq1.2.0__8.el6ost
ruby193-rubygem-ancestryeq1.3.0__4.el6ost
ruby193-openstack-foreman-installereq0.0.15__2.el6ost
ruby193-foremaneq1.1.10003__1.el6ost
ruby193-foreman-proxyeq1.1.10001__3.el6ost
ruby193-rubygem-mysqleq2.8.1__3.el6ost
ruby193-rubygem-fogeq1.10.1__10.el6ost

Name	Operator	Version
ruby193-foreman-proxy	eq	1.1.10001__3.el6ost
ruby193-rubygem-mysql	eq	2.8.1__3.el6ost
ruby193-rubygem-fog	eq	1.10.1__10.el6ost
ruby193-rubygem-safemode	eq	1.2.0__8.el6ost
ruby193-rubygem-ancestry	eq	1.3.0__4.el6ost
ruby193-openstack-foreman-installer	eq	0.0.15__2.el6ost
ruby193-foreman	eq	1.1.10003__1.el6ost
ruby193-foreman-proxy	eq	1.1.10001__3.el6ost
ruby193-rubygem-mysql	eq	2.8.1__3.el6ost
ruby193-rubygem-fog	eq	1.10.1__10.el6ost