CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15136
https://notcve.org/view.php?id=CVE-2017-15136
When registering and activating a new system with Red Hat Satellite 6 if the new systems hostname is then reset to the hostname of a previously registered system the previously registered system will lose access to updates including security updates. Al registrar y activar un nuevo sistema en Red Hat Satellite 6, si el nombre de host del nuevo sistema se restablece al nombre de host de un sistema registrado previamente, este sistema anterior perderá el acceso a actualizaciones, incluyendo las de seguridad. • http://www.securityfocus.com/bid/103210 https://bugzilla.redhat.com/show_bug.cgi?id=1540343 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-2667 – rubygem-hammer_cli: no verification of API server's SSL certificate
https://notcve.org/view.php?id=CVE-2017-2667
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks. Hammer CLI, una utilidad CLI para Foreman, en versiones anteriores a la 0.10.0, no estableció explícitamente la marca verify_ssl para apipie-bindings que lo deshabilita por defecto. Como resultado, los certificados del servidor no se comprueban y las conexiones son propensas a ataques Man-in-the-Middle (MitM). It was found that the hammer_cli command line client disables SSL/TLS certificate verification by default. • http://projects.theforeman.org/issues/19033 http://www.securityfocus.com/bid/97153 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=1436262 https://access.redhat.com/security/cve/CVE-2017-2667 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8639 – foreman: Stored XSS via organization/location with HTML in name
https://notcve.org/view.php?id=CVE-2016-8639
It was found that foreman before 1.13.0 is vulnerable to a stored XSS via an organization or location name. This could allow an attacker with privileges to set the organization or location name to display arbitrary HTML including scripting code within the web interface. Se ha detectado que Foreman en versiones anteriores a la 1.13.0 es vulnerable a Cross-Site Scripting (XSS) persistente mediante un nombre de organización o ubicación. Esto podría permitir que un atacante con privilegios para establecer el nombre de organización o ubicación muestre HTML arbitrario, incluyendo código de scripting en la interfaz web. It was found that foreman is vulnerable to a stored XSS via an organization or location name. • http://www.securityfocus.com/bid/94263 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8639 https://github.com/theforeman/foreman/pull/3523 https://projects.theforeman.org/issues/15037 https://access.redhat.com/security/cve/CVE-2016-8639 https://bugzilla.redhat.com/show_bug.cgi?id=1393291 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-9595 – katello-debug: Possible symlink attacks due to use of predictable file names
https://notcve.org/view.php?id=CVE-2016-9595
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. Se ha encontrado un fallo en katello-debug en versiones anteriores a la 3.4.0, donde determinados scripts y archivos de log utilizaban archivos temporales no seguros. Un usuario local podría explotar esta vulnerabilidad para llevar a cabo un ataque de enlace simbólico que les permita sobrescribir el contenido de archivos arbitrarios. A flaw was found in katello-debug where certain scripts and log files used insecure temporary files. • https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9595 https://access.redhat.com/security/cve/CVE-2016-9595 https://bugzilla.redhat.com/show_bug.cgi?id=1406729 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2017-2672 – foreman: Image password leak
https://notcve.org/view.php?id=CVE-2017-2672
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems. Se ha encontrado un error en foreman en versiones anteriores a la 1.15 en el registro de adición y registro de imágenes. Un atacante con acceso al archivo de logs de foreman podría ver contraseñas para sistemas aprovisionados en el archivo de registro, lo que les permitiría acceder a esos sistemas. A flaw was found in foreman's logging during the adding or registering of images. • http://www.securityfocus.com/bid/97526 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2672 https://projects.theforeman.org/issues/19169 https://access.redhat.com/security/cve/CVE-2017-2672 https://bugzilla.redhat.com/show_bug.cgi?id=1439537 • CWE-269: Improper Privilege Management CWE-312: Cleartext Storage of Sensitive Information •