VYPR
Unrated severityNVD Advisory· Published Jul 31, 2013· Updated Jun 16, 2026

CVE-2013-2113

CVE-2013-2113

Description

The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create or edit other users to gain privileges by (1) changing the admin flag or (2) assigning an arbitrary role.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:theforeman:foreman:1.1:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:theforeman:foreman:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:theforeman:foreman:*:rc1:*:*:*:*:*:*range: <=1.2.0
    • (no CPE)range: <1.2.0-RC2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.