VYPR
High severity8.8OSV Advisory· Published Aug 19, 2016· Updated Jun 17, 2026

CVE-2016-4475

CVE-2016-4475

Description

The (1) Organization and (2) Locations APIs and UIs in Foreman before 1.11.4 and 1.12.x before 1.12.0-RC3 allow remote authenticated users to bypass organization and location restrictions and (a) read, (b) edit, or (c) delete arbitrary organizations or locations via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Range: 0.1, 0.2, 0.2rc2, …
  • cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*range: <=1.11.3
    • cpe:2.3:a:theforeman:foreman:1.12.0:*:*:*:*:*:*:*
    • (no CPE)range: < 1.11.4, >= 1.12.0-RC1 < 1.12.0-RC3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.