CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3691 – foreman-proxy: failure to verify SSL certificates
https://notcve.org/view.php?id=CVE-2014-3691
03 Mar 2015 — Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate. Smart Proxy (también conocido como Smart-Proxy y foreman-proxy) en Foreman en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.2 no valida certificados SSL, lo que permite a atacantes remotos eludir autenticación intencionada y... • http://projects.theforeman.org/issues/7822 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3491
https://notcve.org/view.php?id=CVE-2014-3491
01 Jul 2014 — Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page, related to create, update, and destroy notification boxes. Vulnerabilidad de XSS en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del campo de Nombre en la página de grupos del anfitrión nuevo, relacionado con crear, ... • http://projects.theforeman.org/issues/5881 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3492
https://notcve.org/view.php?id=CVE-2014-3492
01 Jul 2014 — Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host. Múltiples vulnerabilidades de XSS en la visualización del anfitrión YAML en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un parámetro de (1) nombre o (2) valor relaciona... • http://projects.theforeman.org/issues/6149 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2014-4507
https://notcve.org/view.php?id=CVE-2014-4507
20 Jun 2014 — Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fetch_boot_file. Vulnerabilidad de salto de directorio en Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos sobrescribir ficheros arbitrarios a través de un .. (punto punto) en el parámetro dst en tftp/fetch_boot_file. • http://projects.theforeman.org/issues/6086 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 2%CPEs: 6EXPL: 1CVE-2014-0007 – Foreman Smart-Proxy - Remote Command Injection
https://notcve.org/view.php?id=CVE-2014-0007
19 Jun 2014 — The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro path en tftp/fetch_boot_file. The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as pa... • https://www.exploit-db.com/exploits/39222 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-0210
https://notcve.org/view.php?id=CVE-2013-0210
08 May 2014 — The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands. La API de ejecución de Smart Proxy Puppet en Foreman anterior a 1.2.0 permite a atacantes remotos ejecutar comandos arbitrarios a través de vectores relacionados con escaparse y comandos Puppet. • http://theforeman.org/security.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0173
https://notcve.org/view.php?id=CVE-2013-0173
08 May 2014 — Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attackers to guess the password via a brute force attack. Foreman anterior a 1.1 utiliza un salt de 'foreman' para crear hashes de contraseñas root, lo que facilita a atacantes adivinar la contraseña a través de un ataque de fuerza bruta. • http://projects.theforeman.org/issues/2069 • CWE-310: Cryptographic Issues •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-5477
https://notcve.org/view.php?id=CVE-2012-5477
08 May 2014 — The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors. Smart Proxy en Foreman anterior a 1.1 utiliza un umask configurado a 0, lo que permite a usuarios locales modificar archivos creados por el demonio a través de vectores no especificados. • http://projects.theforeman.org/issues/1929 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-0187
https://notcve.org/view.php?id=CVE-2013-0187
08 May 2014 — Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request. Foreman anterior a 1.1 permite a usuarios remotos autenticados ganar privilegios a través de una solicitud (1) XMLHttpRequest o (2) AJAX. • http://theforeman.org/security.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2013-0171
https://notcve.org/view.php?id=CVE-2013-0171
08 May 2014 — Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to the (1) fact or (2) report import API. Foreman anterior a 1.1 permite a atacantes remotos ejecutar código arbitrario a través de un objeto YAML hacia la API (1) fact o (2) report import. • http://projects.theforeman.org/issues/2069 • CWE-94: Improper Control of Generation of Code ('Code Injection') •