CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1844 – foreman: API not scoping resources to taxonomies
https://notcve.org/view.php?id=CVE-2015-1844
12 Aug 2015 — Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API. Vulnerabilidad en Foreman en versiones anteriores a 1.7.5, permite a usuarios remotos autenticados eludir las restricciones de organización y localización conectándose a través de la API REST. A flaw was found in the way foreman authorized user actions on resources via the API when an organization was not explicitly set. A remote attacker could use this flaw to obtain a... • http://projects.theforeman.org/issues/9947 • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3155 – foreman: the _session_id cookie is issued without the Secure flag
https://notcve.org/view.php?id=CVE-2015-3155
12 Aug 2015 — Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. Vulnerabilidad en Foreman en versiones anteriores a 1.8.1, no configura el indicador de seguridad para la cookie the _session_id en una sesión https, lo que facilita a atacantes remotos capturar esta cookie interceptando su transmisión dentro de una sesión http. It was found that Foreman di... • http://projects.theforeman.org/issues/10275 • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2014-3653 – foreman: cross-site scripting (XSS) flaw in template preview screen
https://notcve.org/view.php?id=CVE-2014-3653
06 Jul 2015 — Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. Vulnerabilidad de XSS en la función Template Preview en Foreman anterior a 1.6.1 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una plantilla de provisionamiento manipulada. A cross-site scripting (XSS) flaw was found in Foreman's template preview screen. A remote a... • http://projects.theforeman.org/issues/7483 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3691 – foreman-proxy: failure to verify SSL certificates
https://notcve.org/view.php?id=CVE-2014-3691
03 Mar 2015 — Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate. Smart Proxy (también conocido como Smart-Proxy y foreman-proxy) en Foreman en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.2 no valida certificados SSL, lo que permite a atacantes remotos eludir autenticación intencionada y... • http://projects.theforeman.org/issues/7822 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3491
https://notcve.org/view.php?id=CVE-2014-3491
01 Jul 2014 — Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page, related to create, update, and destroy notification boxes. Vulnerabilidad de XSS en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del campo de Nombre en la página de grupos del anfitrión nuevo, relacionado con crear, ... • http://projects.theforeman.org/issues/5881 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 1CVE-2014-3492
https://notcve.org/view.php?id=CVE-2014-3492
01 Jul 2014 — Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter (1) name or (2) value related to the host. Múltiples vulnerabilidades de XSS en la visualización del anfitrión YAML en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de un parámetro de (1) nombre o (2) valor relaciona... • http://projects.theforeman.org/issues/6149 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2014-4507
https://notcve.org/view.php?id=CVE-2014-4507
20 Jun 2014 — Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fetch_boot_file. Vulnerabilidad de salto de directorio en Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos sobrescribir ficheros arbitrarios a través de un .. (punto punto) en el parámetro dst en tftp/fetch_boot_file. • http://projects.theforeman.org/issues/6086 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 1CVE-2014-0007 – Foreman Smart-Proxy - Remote Command Injection
https://notcve.org/view.php?id=CVE-2014-0007
19 Jun 2014 — The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file. Smart-Proxy en Foreman anterior a 1.4.5 y 1.5.x anterior a 1.5.1 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro path en tftp/fetch_boot_file. The foreman-proxy package provides a RESTful API to manage DNS, DHCP, TFTP, and Puppet settings, and can be used as pa... • https://www.exploit-db.com/exploits/39222 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2014-0192
https://notcve.org/view.php?id=CVE-2014-0192
08 May 2014 — Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "spoof." Foreman 1.4.0 anterior a 1.5.0 no restringe debidamente acceso a la provisión de vistas preliminares de plantillas, lo que permite a atacantes remotos obtener información sensible a través del parámetro hostname, relacionado con 'falsificar.' • http://projects.theforeman.org/issues/5436 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-0090
https://notcve.org/view.php?id=CVE-2014-0090
08 May 2014 — Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie. Vulnerabilidad de fijación de sesión en Foreman anterior a 1.4.2 permite a atacantes remotos secuestrar sesiones web a través de la cookie session id. • http://projects.theforeman.org/issues/4457 • CWE-287: Improper Authentication •