CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3584 – foreman: Authenticate remote code execution through Sendmail configuration
https://notcve.org/view.php?id=CVE-2021-3584
A server side remote code execution vulnerability was found in Foreman project. A authenticated attacker could use Sendmail configuration options to overwrite the defaults and perform command injection. The highest threat from this vulnerability is to confidentiality, integrity and availability of system. Fixed releases are 2.4.1, 2.5.1, 3.0.0. Se encontró una vulnerabilidad de ejecución de código remota del lado del servidor Foreman project. • https://bugzilla.redhat.com/show_bug.cgi?id=1968439 https://github.com/theforeman/foreman/pull/8599 https://projects.theforeman.org/issues/32753 https://access.redhat.com/security/cve/CVE-2021-3584 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20259
https://notcve.org/view.php?id=CVE-2021-20259
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with view_hosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Versions before foreman_fog_proxmox 0.13.1 are affected Se ha encontrado un fallo en Foreman project. El recurso de computación Proxmox expone la contraseña mediante la API a un atacante local autenticado con permiso view_hosts. • https://bugzilla.redhat.com/show_bug.cgi?id=1932144 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3469
https://notcve.org/view.php?id=CVE-2021-3469
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority (CA) to sign certificate requests that have subject alternative names (SANs). Foreman do not enable SANs by default and `allow-authorization-extensions` is set to `false` unless user change `/etc/puppetlabs/puppetserver/conf.d/ca.conf` configuration explicitly. Foreman versiones anteriores a 2.3.4 y versiones anteriores a 2.4.0, están afectadas por un fallo en el manejo de la autorización. Un atacante autenticado puede hacerse pasar por el foreman-proxy si el producto permite que la autoridad de certificados (CA) de Puppet firme peticiones de certificados que tengan nombres alternativos de sujeto (SAN). • https://bugzilla.redhat.com/show_bug.cgi?id=1943630 • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-10716 – rubygem-foreman_ansible: "User input" entry from Job Invocation may contain sensitive data
https://notcve.org/view.php?id=CVE-2020-10716
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and other sensitive data. This flaw affects tfm-rubygem-foreman_ansible versions before 4.0.3.4. Se encontró un fallo en Job Invocation de Red Hat Satellite, donde la entrada "User Input" no estaba restringida apropiadamente a la visualización. Este fallo permite a un usuario de Satellite malicioso escanear por medio del Job Invocation, con la capacidad de buscar contraseñas y otros datos confidenciales. • https://bugzilla.redhat.com/show_bug.cgi?id=1814998 https://bugzilla.redhat.com/show_bug.cgi?id=1827300 https://access.redhat.com/security/cve/CVE-2020-10716 • CWE-285: Improper Authorization •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3457
https://notcve.org/view.php?id=CVE-2021-3457
An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart-proxy allows Foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denial of service on the Foreman server. The highest threat from this vulnerability is to integrity and system availability. Se encontró un fallo de manejo de autorización inapropiada en Foreman. • https://bugzilla.redhat.com/show_bug.cgi?id=1940990 • CWE-863: Incorrect Authorization •