CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-4451 – foreman: privilege escalation through Organization and Locations API
https://notcve.org/view.php?id=CVE-2016-4451
The (1) Organization and (2) Locations APIs in Foreman before 1.11.3 and 1.12.x before 1.12.0-RC1 allow remote authenticated users with unlimited filters to bypass organization and location restrictions and read or modify data for an arbitrary organization by leveraging knowledge of the id of that organization. Las APIs (1) Organization y (2) Locations en Foreman en versiones anteriores a 1.11.3 y 1.12.x en versiones anteriores a 1.12.0-RC1 permiten a usuarios remotos autenticados con filtros ilimitados eludir restricciones de organización y localización y leer o modificar datos de una organización arbitraria aprovechando el conocimiento de la id de esa organización. It was found that Satellite 6 did not properly enforce access controls on certain resources. An attacker, with access to the API and knowledge of the ID name, can potentially access other resources in other organizations. • http://projects.theforeman.org/issues/15182 http://projects.theforeman.org/projects/foreman/repository/revisions/1144040f444b4bf4aae81940a150b26b23b4623c https://access.redhat.com/errata/RHSA-2018:0336 https://theforeman.org/security.html#2016-4451 https://access.redhat.com/security/cve/CVE-2016-4451 https://bugzilla.redhat.com/show_bug.cgi?id=1339889 • CWE-254: 7PK - Security Features CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-2100
https://notcve.org/view.php?id=CVE-2016-2100
Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read, modify, or delete private bookmarks by leveraging the (1) edit_bookmarks or (2) destroy_bookmarks permission. Foreman en versiones anteriores a 1.10.3 y 1.11.0 en versiones anteriores a 1.11.0-RC2 permite a usuarios remotos autenticados leer, modificar o borrar marcadores privados aprovechando el permiso (1) edit_bookmarks o (2) destroy_bookmarks. • http://projects.theforeman.org/issues/13828 http://theforeman.org/security.html#2016-2100 http://www.openwall.com/lists/oss-security/2016/03/31/2 https://access.redhat.com/errata/RHBA-2016:1500 • CWE-284: Improper Access Control •