CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-3235 – foreman: edit_users permission allows changing of admin passwords
https://notcve.org/view.php?id=CVE-2015-3235
Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors. Vulnerabilidad en Foreman en versiones anteriores a 1.9.0, permite a usuarios remotos autenticados con el permiso edit_users editar a usuarios administradores y cambiar sus contraseñas a través de vectores no especificados. It was discovered that in Foreman the edit_users permissions (for example, granted to the Manager role) allowed the user to edit admin user passwords. An attacker with the edit_users permissions could use this flaw to access an admin user account, leading to an escalation of privileges. • http://projects.theforeman.org/issues/10829 http://theforeman.org/manuals/1.9/index.html#Releasenotesfor1.9 https://access.redhat.com/errata/RHSA-2015:1591 https://access.redhat.com/errata/RHSA-2015:1592 https://bugzilla.redhat.com/show_bug.cgi?id=1232366 https://access.redhat.com/security/cve/CVE-2015-3235 • CWE-264: Permissions, Privileges, and Access Controls CWE-266: Incorrect Privilege Assignment •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2014-3653 – foreman: cross-site scripting (XSS) flaw in template preview screen
https://notcve.org/view.php?id=CVE-2014-3653
Cross-site scripting (XSS) vulnerability in the template preview function in Foreman before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted provisioning template. Vulnerabilidad de XSS en la función Template Preview en Foreman anterior a 1.6.1 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de una plantilla de provisionamiento manipulada. A cross-site scripting (XSS) flaw was found in Foreman's template preview screen. A remote attacker could use this flaw to perform cross-site scripting attacks by tricking a user into viewing a malicious template. Note that templates are commonly shared among users. • http://projects.theforeman.org/issues/7483 http://theforeman.org/security.html#2014-3653 http://www.securityfocus.com/bid/70046 https://bugzilla.redhat.com/show_bug.cgi?id=1145398 https://access.redhat.com/security/cve/CVE-2014-3653 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3691 – foreman-proxy: failure to verify SSL certificates
https://notcve.org/view.php?id=CVE-2014-3691
Smart Proxy (aka Smart-Proxy and foreman-proxy) in Foreman before 1.5.4 and 1.6.x before 1.6.2 does not validate SSL certificates, which allows remote attackers to bypass intended authentication and execute arbitrary API requests via a request without a certificate. Smart Proxy (también conocido como Smart-Proxy y foreman-proxy) en Foreman en versiones anteriores a 1.5.4 y 1.6.x en versiones anteriores a 1.6.2 no valida certificados SSL, lo que permite a atacantes remotos eludir autenticación intencionada y ejecutar peticiones API arbitrarias a través de una petición sin un certificado. It was discovered that foreman-proxy, when running in SSL-secured mode, did not correctly verify SSL client certificates. This could permit any client with access to the API to make requests and perform actions otherwise restricted. • http://projects.theforeman.org/issues/7822 http://rhn.redhat.com/errata/RHSA-2015-0287.html http://rhn.redhat.com/errata/RHSA-2015-0288.html https://github.com/theforeman/smart-proxy/pull/217 https://groups.google.com/forum/#%21topic/foreman-announce/jXC5ixybjqo https://access.redhat.com/security/cve/CVE-2014-3691 https://bugzilla.redhat.com/show_bug.cgi?id=1150879 • CWE-295: Improper Certificate Validation CWE-310: Cryptographic Issues •