CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3155 – foreman: the _session_id cookie is issued without the Secure flag
https://notcve.org/view.php?id=CVE-2015-3155
Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. Vulnerabilidad en Foreman en versiones anteriores a 1.8.1, no configura el indicador de seguridad para la cookie the _session_id en una sesión https, lo que facilita a atacantes remotos capturar esta cookie interceptando su transmisión dentro de una sesión http. It was found that Foreman did not set the HttpOnly flag on session cookies. This could allow a malicious script to access the session cookie. • http://projects.theforeman.org/issues/10275 https://access.redhat.com/errata/RHSA-2015:1591 https://access.redhat.com/errata/RHSA-2015:1592 https://bugzilla.redhat.com/show_bug.cgi?id=1216035 https://github.com/theforeman/foreman/pull/2328 https://groups.google.com/forum/#%21topic/foreman-announce/QPtN0h04jdo https://access.redhat.com/security/cve/CVE-2015-3155 • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2014-3653 – foreman: cross-site scripting (XSS) flaw in template preview screen
https://notcve.org/view.php?id=CVE-2014-3653
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. Vulnerabilidad de XSS en la función Template Preview en Foreman anterior a 1.6.1 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una plantilla de provisionamiento manipulada. A cross-site scripting (XSS) flaw was found in Foreman's template preview screen. A remote attacker could use this flaw to perform cross-site scripting attacks by tricking a user into viewing a malicious template. Note that templates are commonly shared among users. • http://projects.theforeman.org/issues/7483 http://theforeman.org/security.html#2014-3653 http://www.securityfocus.com/bid/70046 https://bugzilla.redhat.com/show_bug.cgi?id=1145398 https://access.redhat.com/security/cve/CVE-2014-3653 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3691 – foreman-proxy: failure to verify SSL certificates
https://notcve.org/view.php?id=CVE-2014-3691
Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate. Smart Proxy (también conocido como Smart-Proxy y foreman-proxy) en Foreman en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.2 no valida certificados SSL, lo que permite a atacantes remotos eludir autenticación intencionada y ejecutar peticiones API arbitrarias a través de una petición sin un certificado. It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted. • http://projects.theforeman.org/issues/7822 http://rhn.redhat.com/errata/RHSA-2015-0287.html http://rhn.redhat.com/errata/RHSA-2015-0288.html https://github.com/theforeman/smart-proxy/pull/217 https://groups.google.com/forum/#%21topic/foreman-announce/jXC5ixybjqo https://access.redhat.com/security/cve/CVE-2014-3691 https://bugzilla.redhat.com/show_bug.cgi?id=1150879 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •