High severityGHSA Advisory· Published Mar 23, 2022· Updated Aug 3, 2024
CVE-2021-3589
CVE-2021-3589
Description
An authorization flaw was found in Foreman Ansible. An authenticated attacker with certain permissions to create and run Ansible jobs can access hosts through job templates. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
foreman_ansibleRubyGems | < 2.0.0 | 2.0.0 |
Affected products
2- Range: < 2.0.0
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-vvff-6wrr-4g7qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-3589ghsaADVISORY
- access.redhat.com/security/cve/CVE-2021-3589ghsax_refsource_MISCWEB
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/foreman_ansible/CVE-2021-3589.ymlghsaWEB
- github.com/theforeman/foreman_ansible/commit/a5e0827bc3ec6c8ab82f968907857a15646305d5ghsaWEB
News mentions
0No linked articles in our index yet.