Foreman
by Theforeman
Source repositories
CVEs (75)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-20290 | 0.00 | — | 0.00 | Mar 25, 2022 | An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources… | |||
| CVE-2021-3584 | 0.00 | — | 0.04 | Dec 23, 2021 | A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity… | |||
| CVE-2021-20259 | 0.00 | — | 0.00 | Jun 7, 2021 | A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system… | |||
| CVE-2021-3469 | 0.00 | — | 0.00 | Jun 3, 2021 | Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority (CA) to sign certificate requests that have subject alternative… | |||
| CVE-2021-3457 | 0.00 | — | 0.00 | May 12, 2021 | An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources… | |||
| CVE-2021-3494 | 0.00 | — | 0.00 | Apr 26, 2021 | A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions… | |||
| CVE-2014-3590 | 0.00 | — | 0.01 | Jan 2, 2020 | Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content. | |||
| CVE-2014-0091 | 0.00 | — | 0.02 | Dec 11, 2019 | Foreman has improper input validation which could lead to partial Denial of Service | |||
| CVE-2014-8183 | 0.00 | — | 0.01 | Aug 1, 2019 | It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations. | |||
| CVE-2019-3893 | 0.00 | — | 0.02 | Apr 9, 2019 | In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this… | |||
| CVE-2018-16861 | 0.00 | — | 0.01 | Dec 7, 2018 | A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code… | |||
| CVE-2018-1097 | Hig | 0.00 | 8.8 | 0.02 | Apr 4, 2018 | A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource. | ||
| CVE-2015-7518 | 0.00 | — | 0.02 | Dec 17, 2015 | Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit… | |||
| CVE-2015-3235 | 0.00 | — | 0.02 | Aug 14, 2015 | Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors. | |||
| CVE-2015-3155 | 0.00 | — | 0.02 | Aug 14, 2015 | Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||
| CVE-2015-1844 | 0.00 | — | 0.02 | Aug 14, 2015 | Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API. | |||
| CVE-2015-1816 | 0.00 | — | 0.01 | Aug 14, 2015 | Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate. | |||
| CVE-2014-3653 | 0.00 | — | 0.02 | Jul 6, 2015 | Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. | |||
| CVE-2014-3691 | 0.00 | — | 0.02 | Mar 9, 2015 | Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate. | |||
| CVE-2014-3492 | 0.00 | — | 0.01 | Jul 1, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host. |
- CVE-2021-20290Mar 25, 2022risk 0.00cvss —epss 0.00
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources…
- CVE-2021-3584Dec 23, 2021risk 0.00cvss —epss 0.04
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity…
- CVE-2021-20259Jun 7, 2021risk 0.00cvss —epss 0.00
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…
- CVE-2021-3469Jun 3, 2021risk 0.00cvss —epss 0.00
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority (CA) to sign certificate requests that have subject alternative…
- CVE-2021-3457May 12, 2021risk 0.00cvss —epss 0.00
An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources…
- CVE-2021-3494Apr 26, 2021risk 0.00cvss —epss 0.00
A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle attack. The FreeIPA module of Foreman smart proxy does not check the SSL certificate, thus, an unauthenticated attacker can perform actions…
- CVE-2014-3590Jan 2, 2020risk 0.00cvss —epss 0.01
Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. Therefore, an attacker can log out a user by having them view specially crafted content.
- CVE-2014-0091Dec 11, 2019risk 0.00cvss —epss 0.02
Foreman has improper input validation which could lead to partial Denial of Service
- CVE-2014-8183Aug 1, 2019risk 0.00cvss —epss 0.01
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations.
- CVE-2019-3893Apr 9, 2019risk 0.00cvss —epss 0.02
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this…
- CVE-2018-16861Dec 7, 2018risk 0.00cvss —epss 0.01
A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code…
- risk 0.00cvss 8.8epss 0.02
A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource.
- CVE-2015-7518Dec 17, 2015risk 0.00cvss —epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit…
- CVE-2015-3235Aug 14, 2015risk 0.00cvss —epss 0.02
Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors.
- CVE-2015-3155Aug 14, 2015risk 0.00cvss —epss 0.02
Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
- CVE-2015-1844Aug 14, 2015risk 0.00cvss —epss 0.02
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
- CVE-2015-1816Aug 14, 2015risk 0.00cvss —epss 0.01
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
- CVE-2014-3653Jul 6, 2015risk 0.00cvss —epss 0.02
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template.
- CVE-2014-3691Mar 9, 2015risk 0.00cvss —epss 0.02
Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate.
- CVE-2014-3492Jul 1, 2014risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host.
Page 3 of 4