CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2019-3893 – foreman: Recover of plaintext password or token for the compute resources
https://notcve.org/view.php?id=CVE-2019-3893
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable. En Foreman se descubrió que la operación de eliminar recursos de cálculo, cuando se ejecuta desde la API de Foreman, conduce a la revelación de la contraseña de texto plano o token para el recurso de cálculo afectado. Un usuario malicioso con el permiso "delete_compute_resource" puede utilizar este fallo para tomar el control de los recursos de cálculo gestionados por Foreman. • http://www.openwall.com/lists/oss-security/2019/04/14/2 http://www.securityfocus.com/bid/107846 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3893 https://github.com/theforeman/foreman/pull/6621 https://projects.theforeman.org/issues/26450 https://access.redhat.com/security/cve/CVE-2019-3893 https://bugzilla.redhat.com/show_bug.cgi?id=1696400 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14666
https://notcve.org/view.php?id=CVE-2018-14666
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions. Se ha encontrado un fallo de autorización incorrecta en la funcionalidad Smart Class en Foreman. Un atacante puede usarlo para cambiar la configuración de cualquier host que se encuentra registrado en Red Hat Satellite, independientemente de la organización a la que pertenezca dicho host. • http://www.securityfocus.com/bid/106490 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-16887 – katello: stored XSS in subscriptions and repositories pages
https://notcve.org/view.php?id=CVE-2018-16887
A cross-site scripting (XSS) flaw was found in the katello component of Satellite. An attacker with privilege to create/edit organizations and locations is able to execute a XSS attacks against other users through the Subscriptions or the Red Hat Repositories wizards. This can possibly lead to malicious code execution and extraction of the anti-CSRF token of higher privileged users. Versions before 3.9.0 are vulnerable. Se ha encontrado un error de Cross-Site Scripting (XSS) en el componente "katello" de Satellite. • https://access.redhat.com/errata/RHSA-2019:1222 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16887 https://access.redhat.com/security/cve/CVE-2018-16887 https://bugzilla.redhat.com/show_bug.cgi?id=1645190 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 1CVE-2018-1000632 – dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
https://notcve.org/view.php?id=CVE-2018-1000632
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. dom4j en versiones anteriores a la 2.1.1 contiene una vulnerabilidad CWE-91: Inyección XML en Clase: Element. Métodos: addElement, addAttribute que puede resulta en que un atacante manipule documentos XML mediante la inyección XML. • https://access.redhat.com/errata/RHSA-2019:0362 https://access.redhat.com/errata/RHSA-2019:0364 https://access.redhat.com/errata/RHSA-2019:0365 https://access.redhat.com/errata/RHSA-2019:0380 https://access.redhat.com/errata/RHSA-2019:1159 https://access.redhat.com/errata/RHSA-2019:1160 https://access.redhat.com/errata/RHSA-2019:1161 https://access.redhat.com/errata/RHSA-2019:1162 https://access.redhat.com/errata/RHSA-2019:3172 https://github.com/dom4j/dom4j/commit&# • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2017-12175 – 6: XSS in discovery rule filter autocomplete functionality
https://notcve.org/view.php?id=CVE-2017-12175
Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. Red Hat Satellite en versiones anteriores a la 6.5 es vulnerable a Cross-Site Scripting (XSS) en la regla discovery cuando se introduce un filtro y se utiliza la funcionalidad de autocompletado. • http://www.securityfocus.com/bid/101245 https://access.redhat.com/errata/RHSA-2018:2927 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12175 https://projects.theforeman.org/issues/22042 https://access.redhat.com/security/cve/CVE-2017-12175 https://bugzilla.redhat.com/show_bug.cgi?id=1498976 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •