CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1097 – foreman: Ovirt admin password exposed by foreman API
https://notcve.org/view.php?id=CVE-2018-1097
A flaw was found in foreman before 1.16.1. The issue allows users with limited permissions for powering oVirt/RHV hosts on and off to discover the username and password used to connect to the compute resource. Se ha descubierto un problema en versiones anteriores a la 1.16.1 de foreman. El problema permite que usuarios con permisos limitados para encender y apagar hosts oVirt/RHV descubran el nombre de usuario y la contraseña empleados para conectarse al recurso del ordenador. • https://access.redhat.com/errata/RHSA-2018:2927 https://bugzilla.redhat.com/show_bug.cgi?id=1561723 https://github.com/theforeman/foreman/pull/5369 https://projects.theforeman.org/issues/22546 https://access.redhat.com/security/cve/CVE-2018-1097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2017-2672 – foreman: Image password leak
https://notcve.org/view.php?id=CVE-2017-2672
A flaw was found in foreman before version 1.15 in the logging of adding and registering images. An attacker with access to the foreman log file would be able to view passwords for provisioned systems in the log file, allowing them to access those systems. Se ha encontrado un error en foreman en versiones anteriores a la 1.15 en el registro de adición y registro de imágenes. Un atacante con acceso al archivo de logs de foreman podría ver contraseñas para sistemas aprovisionados en el archivo de registro, lo que les permitiría acceder a esos sistemas. A flaw was found in foreman's logging during the adding or registering of images. • http://www.securityfocus.com/bid/97526 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2672 https://projects.theforeman.org/issues/19169 https://access.redhat.com/security/cve/CVE-2017-2672 https://bugzilla.redhat.com/show_bug.cgi?id=1439537 • CWE-269: Improper Privilege Management CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-8639 – foreman: Stored XSS via organization/location with HTML in name
https://notcve.org/view.php?id=CVE-2016-8639
It was found that foreman before 1.13.0 is vulnerable to a stored XSS via an organization or location name. This could allow an attacker with privileges to set the organization or location name to display arbitrary HTML including scripting code within the web interface. Se ha detectado que Foreman en versiones anteriores a la 1.13.0 es vulnerable a Cross-Site Scripting (XSS) persistente mediante un nombre de organización o ubicación. Esto podría permitir que un atacante con privilegios para establecer el nombre de organización o ubicación muestre HTML arbitrario, incluyendo código de scripting en la interfaz web. It was found that foreman is vulnerable to a stored XSS via an organization or location name. • http://www.securityfocus.com/bid/94263 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8639 https://github.com/theforeman/foreman/pull/3523 https://projects.theforeman.org/issues/15037 https://access.redhat.com/security/cve/CVE-2016-8639 https://bugzilla.redhat.com/show_bug.cgi?id=1393291 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9593 – foreman-debug: missing obfuscation of sensitive information
https://notcve.org/view.php?id=CVE-2016-9593
foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems. foreman-debug, en versiones anteriores a la 1.15.0, es vulnerable a un error en la creación de logs de foreman-debug. Un atacante con acceso al archivo de logs de foreman podría ver contraseñas, lo que les permitiría acceder a esos sistemas. A flaw was found in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems. • http://www.securityfocus.com/bid/94985 https://access.redhat.com/errata/RHSA-2018:0336 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9593 https://access.redhat.com/security/cve/CVE-2016-9593 https://bugzilla.redhat.com/show_bug.cgi?id=1406384 • CWE-255: Credentials Management Errors CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2017-15100 – foreman: Stored XSS in fact name or value
https://notcve.org/view.php?id=CVE-2017-15100
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "chart" button and hovering over the chart; (2) Trends page, when checking the graph for a trend based on a such fact; (3) Statistics page, for facts that are aggregated on this page. Un atacante que envíe hechos que contienen HTML al servidor Foreman puede provocar Cross-Site Scripting (XSS) persistente en ciertas páginas: (1) La página Facts, al hacer clic en el botón "chart" y desplazándose sobre el gráfico; (2) la página Trends, al comprobar el gráfico para una tendencia basada en un hecho; (3) la página Statistics, para los hechos que se agregan en esta página. • http://projects.theforeman.org/issues/21519 https://access.redhat.com/errata/RHSA-2018:2927 https://github.com/theforeman/foreman/pull/4967 https://access.redhat.com/security/cve/CVE-2017-15100 https://bugzilla.redhat.com/show_bug.cgi?id=1508551 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •