CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-16887 – katello: stored XSS in subscriptions and repositories pages
https://notcve.org/view.php?id=CVE-2018-16887
A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Versions before 3.9.0 are vulnerable. Se ha encontrado un error de Cross-Site Scripting (XSS) en el componente "katello" de Satellite. • https://access.redhat.com/errata/RHSA-2019:1222 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16887 https://access.redhat.com/security/cve/CVE-2018-16887 https://bugzilla.redhat.com/show_bug.cgi?id=1645190 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14623 – katello: SQL inject in errata-related REST API
https://notcve.org/view.php?id=CVE-2018-14623
A SQL injection flaw was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072. Version 3.10 and older is vulnerable. Se ha encontrado un error de inyección SQL en la API relacionada con erratas de katello. • http://www.securityfocus.com/bid/106224 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14623 https://access.redhat.com/security/cve/CVE-2018-14623 https://bugzilla.redhat.com/show_bug.cgi?id=1623719 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-16861 – foreman: stored XSS in success notification after entity creation
https://notcve.org/view.php?id=CVE-2018-16861
A cross-site scripting (XSS) flaw was found in the foreman component of satellite. An attacker with privilege to create entries using the Hosts, Monitor, Infrastructure, or Administer Menus is able to execute a XSS attacks against other users, possibly leading to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Foreman before 1.18.3, 1.19.1, and 1.20.0 are vulnerable. Se ha encontrado un error Cross-Site Scripting (XSS) en el componente "satellite" de Foreman. Un atacante con privilegios para crear entradas mediante los menús Hosts, Monitor, Infrastructure o Administer puede ejecutar ataques Cross-Site Scripting (XSS) contra otros usuarios, lo que podría conducir a la ejecución de código malicioso y a la extracción del token anti-CSRF de usuarios con mayores privilegios. • https://access.redhat.com/errata/RHSA-2019:1222 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16861 https://access.redhat.com/security/cve/CVE-2018-16861 https://bugzilla.redhat.com/show_bug.cgi?id=1645201 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14664 – foreman: Persisted XSS on all pages that use breadcrumbs
https://notcve.org/view.php?id=CVE-2018-14664
A flaw was found in foreman from versions 1.18. A stored cross-site scripting vulnerability exists due to an improperly escaped HTML code in the breadcrumbs bar. This allows a user with permissions to edit which attribute is used in the breadcrumbs bar to store code that will be executed on the client side. Se ha descubierto un problema desde la versión 1.18 de foreman. Existe una vulnerabilidad Cross-Site Scripting (XSS) persistente debido a código HTML escapado incorrectamente en la barra de miga de pan. • http://www.securityfocus.com/bid/106553 https://access.redhat.com/errata/RHSA-2019:1222 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14664 https://projects.theforeman.org/issues/25169 https://access.redhat.com/security/cve/CVE-2018-14664 https://bugzilla.redhat.com/show_bug.cgi?id=1638130 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14643 – smart_proxy_dynflow: Authentication bypass in Foreman remote execution feature
https://notcve.org/view.php?id=CVE-2018-14643
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context. Se ha detectado una vulnerabilidad de omisión de autenticación en el componente smart_proxy_dynflow utilizado por Foreman. Un atacante malicioso puede usar este fallo para ejecutar comandos arbitrarios remotamente en máquinas gestionadas por instancias vulnerables de Foreman en un contexto altamente privilegiado. • http://www.securityfocus.com/bid/105375 https://access.redhat.com/errata/RHSA-2018:2733 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14643 https://github.com/theforeman/smart_proxy_dynflow/pull/54 https://access.redhat.com/security/cve/CVE-2018-14643 https://bugzilla.redhat.com/show_bug.cgi?id=1629063 • CWE-287: Improper Authentication CWE-592: DEPRECATED: Authentication Bypass Issues •