Lucene search
Veracode Vulnerability DatabaseVERACODE:26023HistoryAug 04, 2020 - 12:48 a.m.
Exposed API
2020-08-0400:48:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
api security
arbitrary access
remote attacker
foreman vulnerability
EPSS
0.007
Percentile
80.9%
foreman does not properly restrict access to APIs. A remote attacker is able to access arbitrary hosts via an API request.
References
projects.theforeman.org/issues/2863
rhn.redhat.com/errata/RHSA-2013-1196.html
theforeman.org/manuals/1.2/index.html#Releasenotesfor1.2.2
access.redhat.com/documentation/en-US/Red_Hat_Satellite/
access.redhat.com/errata/RHEA-2014:1175
access.redhat.com/errata/RHSA-2013:1196
access.redhat.com/security/cve/CVE-2013-4182
access.redhat.com/site/documentation/
bugzilla.redhat.com/show_bug.cgi?id=990374
Related
prion
prion
Cross site request forgery (csrf)
2013-09-16 19:14:00
nvd
nvd
CVE-2013-4182
2013-09-16 19:14:38
ubuntucve
ubuntucve
CVE-2013-4182
2013-09-16 00:00:00
cvelist
cvelist
CVE-2013-4182
2013-09-16 19:00:00
cve
cve
CVE-2013-4182
2013-09-16 19:14:38
redhat
redhat
(RHSA-2013:1196) Important: Foreman security update
2013-09-03 00:00:00