smart_proxy_dynflow is vulnerable to authentication bypass. This is due to a lack of authorization with the SSL clients and trusted hosts, which allows a remote attacker is able to execute arbitrary commands with high privileges.
www.securityfocus.com/bid/105375
access.redhat.com/errata/RHSA-2018:2733
access.redhat.com/security/cve/CVE-2018-14643
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=1629003
bugzilla.redhat.com/show_bug.cgi?id=1629063
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14643
github.com/theforeman/smart_proxy_dynflow/pull/54