VYPR
Medium severity4.3NVD Advisory· Published Aug 22, 2018· Updated Jun 17, 2026

CVE-2017-2662

CVE-2017-2662

Description

A flaw was found in Foreman's katello plugin version 3.4.5. After setting a new role to allow restricted access on a repository with a filter (filter set on the Product Name), the filter is not respected when the actions are done via hammer using the repository id.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
katelloRubyGems
< 3.17.0.rc13.17.0.rc1

Affected products

2
  • ghsa-coords
    Range: < 3.17.0.rc1
  • The Foreman Project/foreman katello pluginv5
    Range: 3.4.5

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.