CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1096 – foreman: SQL injection due to improper handling of the widget id parameter
https://notcve.org/view.php?id=CVE-2018-1096
An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database. Se ha encontrado un error de saneamiento de entradas en el campo id del controlador del panel de Foreman, en versiones anteriores a la 1.16.1. Un usuario podría emplear este error para realizar un ataque de inyección SQL en la base de datos del backend. An input sanitization flaw was found in the id field of the dashboard controller. • http://projects.theforeman.org/issues/23028 https://access.redhat.com/errata/RHSA-2018:2927 https://bugzilla.redhat.com/show_bug.cgi?id=1561061 https://access.redhat.com/security/cve/CVE-2018-1096 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1097 – foreman: Ovirt admin password exposed by foreman API
https://notcve.org/view.php?id=CVE-2018-1097
A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource. Se ha descubierto un problema en versiones anteriores a la 1.16.1 de foreman. El problema permite que usuarios con permisos limitados para encender y apagar hosts oVirt/RHV descubran el nombre de usuario y la contraseña empleados para conectarse al recurso del ordenador. • https://access.redhat.com/errata/RHSA-2018:2927 https://bugzilla.redhat.com/show_bug.cgi?id=1561723 https://github.com/theforeman/foreman/pull/5369 https://projects.theforeman.org/issues/22546 https://access.redhat.com/security/cve/CVE-2018-1097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1077
https://notcve.org/view.php?id=CVE-2018-1077
Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server. Spacewalk 2.6 contiene una API que tiene un error XEE (XML External Entity) que permite la divulgación de información potencialmente sensible del servidor. • https://bugzilla.redhat.com/show_bug.cgi?id=1555429 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15136
https://notcve.org/view.php?id=CVE-2017-15136
When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates. Al registrar y activar un nuevo sistema en Red Hat Satellite 6, si el nombre de host del nuevo sistema se restablece al nombre de host de un sistema registrado previamente, este sistema anterior perderá el acceso a actualizaciones, incluyendo las de seguridad. • http://www.securityfocus.com/bid/103210 https://bugzilla.redhat.com/show_bug.cgi?id=1540343 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2667 – rubygem-hammer_cli: no verification of API server's SSL certificate
https://notcve.org/view.php?id=CVE-2017-2667
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks. Hammer CLI, una utilidad CLI para Foreman, en versiones anteriores a la 0.10.0, no estableció explícitamente la marca verify_ssl para apipie-bindings que lo deshabilita por defecto. Como resultado, los certificados del servidor no se comprueban y las conexiones son propensas a ataques Man-in-the-Middle (MitM). It was found that the hammer_cli command line client disables SSL/TLS certificate verification by default. • http://projects.theforeman.org/issues/19033 http://www.securityfocus.com/bid/97153 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1436262 https://access.redhat.com/security/cve/CVE-2017-2667 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •